// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / Coinbase
Breach Record

Coinbase

DISCLOSED 2025-05-15 · INSIDER

Coinbase confirmed that rogue contractors stole customer data and demanded a $20 million ransom. The breach was reported to the SEC. The incident involved an extortion attempt rather than a technical compromise.

The record

What we know

Disclosed
2025-05-15
Attack vector
Insider
Sector
cryptocurrency
Country
US
Domain
coinbase.com
Data classes exposed
customer data
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · no · opinion

The breach involved rogue contractors stealing data, not unauthorized code execution or system changes, so a positive-security model would not have prevented this insider data theft.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other insider breaches on file

This page is the permanent ColdRecon entry for the Coinbase disclosure. It updates if new public reporting emerges. All tracked breaches →

Coinbase just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →