Coinbase said at least 69,461 customers had personal and financial information stolen during a months-long data breach that it disclosed last week.
The crypto giant confirmed the number of affected customers in a filing with Maine’s attorney general on Wednesday, as required by the state’s data breach notification law.
Coinbase’s filing said the breach dates back to December 26, 2024, and continued until earlier this month, when the company said it received a “credible” ransom note from the hacker claiming it had stolen customer data.
In a blog post, Coinbase said the hacker demanded $20 million in a ransom payment to delete the data, which Coinbase refused to pay. The company said the hacker bribed Coinbase customer support workers into accessing customers’ data over a period of several months.
The hacker stole customer names, email and postal addresses, phone numbers, government-issued identity documents, account balances, and transaction histories, amid fears that wealthy customers could be targeted.
