Coinbase Global Inc., the largest cryptocurrency exchange in the U.S., disclosed a data breach affecting approximately 69,461 users in December 2024. The company revealed the attack and subsequent ransom demands to the Maine Attorney General’s Office on Tuesday, weeks after confirming cybercriminals demanded $20 million to prevent public release of stolen data on the dark web. 2% of Coinbase’s global user base was impacted, triggering federal investigations and lawsuits for how it handled the incident. 6MV managing partner Mike Dudas believes he may be among those targeted by the hackers, citing a large volume of personal information compromised in the breach. The attackers employed social engineering techniques, targeting customer service agents working for Coinbase outside the United States, instead exploiting technical vulnerabilities. These agents were bribed with cash to gain access to internal tools and client information. The breached data includes names, addresses, nationalities, government-issued IDs, birth dates, and banking information. 69,461 users were impacted and Coinbase confirmed that passwords, private keys, and user funds were not affected, but cybersecurity experts worry the information could be used in identity theft and impersonation. A ransom demand was received by Coinbase on May 11th, several months after the data breach, threatening public release of stolen information if a payment of $20 million is not made. The company disclosed that they already began collecting user data before this period. Coinbase has cooperated with all relevant law enforcement agencies and terminated employees involved in the breach. American investor Michael Arrington criticized Coinbase’s delayed disclosure, citing the