Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

14K
active users

mstdn.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.8

#coinbase

81 posts65 participants5 posts today
Continued thread
Public
Molly White

Coinbase has disclosed a substantial customer data breach, blaming it on “rogue overseas support agents”. This follows months of crypto security researchers warning about apparent security issues at the company.

According to Coinbase, the data thieves bribed members of Coinbase’s support team, which is based overseas and reportedly makes very little money. It seems Coinbase has been aware of a breach for several months, but only reported it on May 14.

At least five lawsuits have been filed about the breach in the days since, but a change to Coinbase’s customer agreement that went into effect on May 15 may make it more challenging for customers to obtain relief.

Coinbase On May 12, Coinbase announced it will join the S&P 500 as its “first and only crypto company”.1a This is the latest change that may see more American investors inadvertently exposed to the cryptocurrency industry via index funds, following MicroStrategy’s entry into the NASDAQ-100 in December 2024 [I72]. Their joy was likely tempered when, only two days later on May 14, they had to announce a data breach that exposed customer data including names, addresses, phone numbers, email addresses, images of government ID documents, account balance and transaction data, and masked social security and bank account numbers. Although leaks like this typically lead to an uptick in phishing attempts, where scammers use the private information to contact customers and more convincingly impersonate Coinbase employees, the leak of account balance data and customer addresses is also particularly concerning given the recent spike in violent attacks and kidnappings targeting wealthy crypto holders. Crypto security researchers have been warning for months about Coinbase’s evidently poor security practices and lack of attention to customer complaints, and describing hacks in which victims reported being scammed by attackers who seemed to have access to private Coinbase data [I76]. In February, zachxbt wrote: “Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. ... Coinbase is in a position where they have the power to make
According to Coinbase, the data thieves bribed some members of Coinbase’s poorly paid offshore customer support team, who they described as “rogue overseas support agents”, who are reportedly earning less than $5,000 annually.2 Coinbase’s cybersecurity disclosure filing with the SEC admitted that they had been grappling with this issue for months: “The threat actor appears to have obtained this information by paying multiple contractors or employees working in support roles outside the United States to collect information from internal Coinbase systems to which they had access in order to perform their job responsibilities. These instances of such personnel accessing data without business need were independently detected by the Company’s security monitoring in the previous months.”3 Bloomberg later reported that “the hackers did have near-constant access to some of Coinbase Global Inc.’s most valuable customer data since January”, citing an anonymous source familiar with the incident.4
At least five lawsuits have been filed against Coinbase since the breach disclosure.5 However, an incredibly conveniently timed update to Coinbase’s customer terms, announced on April 12 and applying to disputes filed after May 15, may make it more challenging for these cases to succeed. While Coinbase’s customer terms previously contained some text seeking to limit class action lawsuits and force customers into arbitration, the update made some key changes, most significantly aiming to force lawsuits to be filed in New York. The new version also expands clauses limiting collective litigation, mass arbitration, and sharing of information between separate parties involved in arbitration proceedings against Coinbase. It also aims to force any claims that do proceed in court rather than arbitration to go to a bench trial instead of a trial by jury, reduces thresholds triggering batch arbitration, and much more prominently highlights the “Class, Collective, Representative, and Mass Action Waiver and Jury Trial Waiver”. Of the five lawsuits filed against Coinbase for the data breach thus far, all are class actions, none were filed before May 15, and two were filed outside of New York.
#cryptocurrency#crypto#coinbase
Public
gtbarry

Coinbase Will Reimburse Customers Up to $400 Million After Data Breach

The cryptocurrency exchange Coinbase said it suffered a data breach in which attackers stole customers’ names, physical and email addresses, phone numbers, government IDs, last four digits of Social Security numbers, and other financial information.

#coinbase #cryptocurrency #crypto #web3 #fintech #databreach #infosec #security #cybersecurity #hackers #hacking #hacked

wired.com/story/coinbase-will-

WIRED · Coinbase Will Reimburse Customers Up to $400 Million After Data BreachBy Lily Hay Newman
Public *
Molly White

In April, Coinbase announced changes to its user agreement that added two clauses limiting class action lawsuits and requiring lawsuits to be filed in New York. The changes apply to disputes initiated after May 15.

On May 14, Coinbase disclosed a data breach.

Five lawsuits have been filed against Coinbase in response to the breach since then: all class action, none before May 15, two outside of New York.

Coinbase logo  4/12/2025 Update to the Coinbase User Agreement We are emailing you about an important upcoming update to the Coinbase User Agreement. This update will revise our Arbitration Agreement with you. We made these updates to streamline the process for resolving disputes. You can read the entire agreement here. The revised terms are in sections 9.9, 9.10 and Appendix 6. These terms apply only to disputes that you or we initiate after May 15, 2025. The current terms will continue to apply until May 15. Please make sure you read the updated User Agreement. Thank you for being part of the crypto economy! Team Coinbase
9.9. Class, Collective, Representative, and Mass Action Waiver and Jury Trial Waiver. You and Coinbase agree that, except as specified in the Batch Arbitration Provision set forth above, each of us may bring claims against the other only on an individual basis and not on a class, representative, or collective basis or as part of a mass action (such as a mass arbitration), and the parties hereby waive all rights to bring or to participate in such actions in arbitration or in court to the maximum extent permitted by applicable law. This provision does not prevent you or Coinbase from participating in a class-wide settlement of claims. YOU AND WE AGREE TO WAIVE OUR RIGHTS TO A JURY TRIAL. To the extent that any Dispute proceeds in court, and to the maximum extent permitted by applicable law, you and we agree to waive any right to a jury trial and have such matter resolved by a judge (also known as a bench trial). 9.10 Forum Selection. Unless you and Coinbase agree otherwise, to the maximum extent permitted by applicable law, the state and federal courts in New York, New York (except for small claims courts, in which case you and we agree to resolve our Disputes in a small claims court of competent jurisdiction) will have exclusive jurisdiction over any Dispute that is not subject to arbitration or over any action involving the applicability or enforceability of the Dispute Resolu
#Coinbase#crypto#cryptocurrency
Continued thread
Public
neongod

The support is built in a way to deflect all your contact attempts to useless articles. Even if you manage to find their email address, the automated reply will say that they don't reply and won't call you back either.

The only way I found to contact them is to talk with the dumb AI chatbot and demand human assistance. It finally contacted me with a human to whom I could confirm that I waive any claim to my 0.01$ and request deletion in accordance with Article 17 of GDPR.

Public *
neongod

If you ever made the mistake to create a account and put money in there, leaving them is no simple task.

Closing the account is only possible if your balance is 0.0 and there are no pending transactions. If you withdraw, due to transaction fees it's very likely you will have some leftovers. I had 0.01$. Which you can't cash out as the minimum amount is 1. But if you try, it will become a pending transaction...

Public
ResearchBuzz: Firehose

Reuters: Coinbase warns of up to $400 million hit from cyberattack. “Coinbase forecast a hit of $180 million to $400 million from a cyberattack that breached account data of a ‘small subset’ of its customers, the crypto exchange said in a regulatory filing on Thursday. The company received an email from an unknown threat actor on May 11, claiming to have information about certain customer […]

https://rbfirehose.com/2025/05/19/reuters-coinbase-warns-of-up-to-400-million-hit-from-cyberattack/

ResearchBuzz: Firehose | Individual posts from ResearchBuzz · Reuters: Coinbase warns of up to $400 million hit from cyberattack | ResearchBuzz: Firehose
More from ResearchBuzz: Firehose
#coinbase#Cryptocurrency#CyberSecurity
Public
Xavier «X» Santolaria :verified_paw: :donor:

🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #20/2025 is out!

It includes the following and much more:

🚫 Twilio denied being breached;

💸 #Ransomware could soon target CPUs;

🇬🇧 Marks and Spencer has confirmed that hackers stole customers' personal data;

🥷🏻 #Coinbase says customers’ personal information stolen in #databreach;

💰 #Google has agreed to pay $1.375 billion to Texas to settle claims;

📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

infosec-mashup.santolaria.net/

Twilio denied being breached; Ransomware could soon target CPUs; Marks & Spencer has confirmed that hackers stole customers' personal data; Coinbase says customers’ personal information stolen in data breach; Google has agreed to pay $1.375 billion to Texas to settle claims;
X’s InfoSec Newsletter🕵🏻‍♂️ [InfoSec MASHUP] 20/2025Twilio denied being breached; Ransomware could soon target CPUs; Marks & Spencer has confirmed that hackers stole customers' personal data; Coinbase says customers’ personal information stolen in data breach; Google has agreed to pay $1.375 billion to Texas to settle claims;
Public
⚯ Michel de Cryptadamus ⚯

#Coinbase saved on payroll by underpaying for work outsourced to India so that its customers could get defrauded of at least a few hundred million dollars *already*. They (the customers) will no doubt now be stalked for years by cybercriminals who have their passport, home address, and bank information.

#ThatsSoCrypto, but also this is why Coinbase donated so much money to get Donald Trump elected so #DOGE could, in Elon's immortal turn of phrase, "delete #CFPB" (meaning destroy the Consumer Financial Protection Bureau who were helping customers deal with their complaints about Coinbase).

@GivnerAriel What am | supposed to tell my clients? People are terrified. | got their permission to share. | have received this from numerous scared individuals. Cc @coinbase @brian_armstrong Hey Ariel, | was notified this morning that | was in the 1% of the Coinbase data. It is my on and off ramp, my license, my home address, bank info, amongst other things were leaked. I'm afraid that | or my kids will become a target. Is there anything | can do here?
#crime#crypto#fraud
Replied in thread
Public
⚯ Michel de Cryptadamus ⚯

@MatthewRosenquist you seem to be ignoring the fact that #Coinbase is an inherently sketchy af if not entirely fraudulent company that makes most of its money encouraging its users to trade things like TrumpCoin and that only ended up in this predicament because it tried to save money outsourcing customer service to underpaid reps in India

they saved on payroll so their customers could could stalked by criminals for years. it is in no way "AWESOME".

ExploreLive feeds
About