Coinbase insider-linked data leak – 69,461 affected in an incident linked to outside counsel acting on behalf of Coinbase. The breach occurred on December 26, 2024, but remained undiscovered until May 11, 2025. Coinbase submitted an official breach notification to the Maine state registry on May 30, 2025.
More on the Coinbase Data Leak and the Response Measures
Despite its significant success in expansion, Coinbase continues to face equally significant security challenges. This data leak has now come to light, affecting 69,461 individuals, including approximately 217 residents of the state of Maine.
In its official report, Coinbase stated that the source of the incident was an Outside Counsel acting on behalf of the company. The type of incident was classified as insider wrongdoing. As a result, the breach affected personal identifiers, including names or other elements combined with sensitive information, although the report does not provide exhaustive detail.
As compensation, Coinbase offered affected individuals one year of free services from IDX, including:
- credit monitoring,
- up to $1,000,000 in insurance coverage for losses,
- identity restoration,
- dark web monitoring to identify possible exposure of the data on illegal online forums.
Conclusion
Clearly, this incident does little to instill confidence in Coinbase, especially as users can no longer undo the compromise of their data, and only some identifiers may be replaceable.
That said, it is worth noting that Coinbase went beyond a formal apology and did provide affected users with a degree of compensation – which can be seen as a constructive move.
