Coinbase is under intense scrutiny after a newly revealed data breach impacted 69,461 users—information that went unnoticed for nearly six months. A filing by legal firm Latham & Watkins LLP with Maine’s attorney general confirmed the breach began on December 26, 2024, but was only discovered on May 11, 2025. Among those affected, 217 are Maine residents.

The breach stemmed from a sophisticated social engineering attack where scammers tricked Coinbase customer service contractors into handing over sensitive user data, including names, contact info, and addresses. The attackers later demanded a $20 million ransom, threatening to leak the data. Coinbase refused to pay, fired the compromised contractors, and promised reimbursements to impacted users.

Despite these efforts, Coinbase now faces multiple lawsuits alleging it failed to notify victims promptly. The financial toll from the incident—including scam-related losses and remediation—has already reached $400 million. Coinbase shares fell 7% following public disclosure.

The breach has reignited debate around Know Your Customer (KYC) regulations in crypto, with critics arguing that centralized storage of personal data creates major security risks. Notably, Roelof Botha, a partner at Sequoia Capital, was among the victims, suggesting high-profile targets were also compromised.

The U.S. Department of Justice has launched a probe into the breach and extortion attempt, though no further updates have been issued. Legal experts and crypto executives are raising alarms that such data leaks may put investors at physical risk, opening the door to extortion, theft, and even kidnapping.