Last week’s very organized violation of cryptocurrency exchange Coinbase (Coin) left more questions than answers.

While some paid tribute to Coinbas’s response as a “really good example” in dealing with a crisis, the violation has now caused a potentially massive privacy problem that reflects the headbox data violation in the 2021-what led to a series of robberies in the real world as criminals were able to get a grip on names and addresses of crypto holders. Coinbase has already acknowledged that its customers may have lost almost half a billion US dollars as a result of its violation.

Cybercrimine’s access to Coinbase user data by bribing and convincing Coinbase -Support employees to share this data, but this was completely preventable, according to several experts who spoke to Coindesk.

“A FailSafe system would make stealing data technically impossible, but Coinbase obviously did not prioritize these measures, leaving the door open,” Andy Zhou, co-founder of the blockchain security company Blocksec to Coindesk.

To allow these criminals to access personal data, whether through a hack or in this case social technique is a great blight on an exchange that facilitates billions of dollars value of volume every day. The violation created a myriad of questions, Including users’ privacy and trust. How could coinbase, a listed company, allow attackers to steal personal information and money through the front door? And could it have been prevented?

Hackett Communications CEO Heather Dale paid tribute to Coinbase’s response as a “masterclass in communication”, but Coinbas’s method of tackling the problems was simple: throw as much money on it as possible.

The exchange offered a $ 20 million miscarriage to anyone who reported information that would lead to an arrest or prosecution. It also undertook to voluntarily prove that the affected users between $ 180 million to $ 400 million.

What happened?

Before analyzing the fall of the violation, it is important to understand how exactly the violation occurred at a listed company that spends millions of dollars per year. Month on security infrastructure.

In February, on-chain Sleuth Zachxbt reported an increase in thefts involving coin-base users. He said it was “a result of aggressive risk models and Coinbase’s failure to stop stopping its users losing $ 300 [million] per. Years to social engineering scams. “

The fear of cyber criminals stealing hundreds of millions of dollars became a reality last week when Coinbase released a blog post that revealed that account balance, government -IID photos, phone numbers, addresses and masked bank account information were stolen.

Unlike other hacks and violations involving attackers utilizing a defective back-end, these attackers went through the front door-communicated directly with coinbase employees and bought access to the information via rogue insiders. Coinbase claimed that it fired all responsible employees on the spot, though it did not reveal the method it used to find those responsible in the blog post.

However, the problem is not limited to crypto. By 2022, Digital Bank confirmed Revolut that 50,000 sets of customer data were stolen, while the trading platform had leaked up to 5 million e -mail addresses a year later. The latter was fined $ 45 million by SEC after the violation after it turned out that some of the customers got their accounts wiped out by attackers.

The BBC reported in October that a particular revolutener -user lost £ 165,000 ($ 220,0000) after a data violation and that Neobank’s fraud -outline system prevented £ 475 million in false transactions by 2023.

Coinbase competitors Binance and Kraken said they managed to avert similar social technical attacks in recent weeks.

Coinbase CEO Brian Armstrong also published a video about X last week and said he received a “ransom -note” for $ 20 million in Bitcoin in exchange for these attackers who did not release any information they claimed to have received on coinbase customers.

Zachxbt added Thursday that attackers began to obscure the stolen funds by switching BTC to ETH on Thorchain, a place often used by the notorious North Korean hackers Lazarus Group.

‘Major Wake-up Call’

Andy Zhou, co -founder of the Blockchain Security Firm Blocksec, said Coindesk that Coinbase should have performed “stricter background control of employees handling sensitive data” and created “Alarms for strange activity” as a suddenly downloaded thousand of customer profiles.

Zhou added that Coinbase should have implemented several technical solutions. These include strict role-based access, which means that employees only see necessary data or privacy tools that allow work without revealing raw details (for example, blurring ID photos).

Nick Tautek, Lead Security Automation Architect at Swimlane, Coindesk said the violation should be a “big wake-up call” for robust insider threat detection.

“Since outsourcing scales and operations extend over time zones, insider threats and access management cannot be subsequently. A single insider with the right access, or in this case the wrong incentives can hit even the most fortified security position. Because, as this violation shows, it only takes 1% of customers broken to make 100% of the main line.”

However, not everyone hopes on Coinbase.

Michal Pospieszalk, CEO of Matterfi, said it “is not a coin base problem, it is a systemic vulnerability plagued crypto since the first day.”

He argued that the nature of sending crypto without a communicator means that all platforms are a mistaken mistake away from disaster.

Hackers need to construct a situation that can trick users into sending their funds into an irreversible transaction. In Coinbase’s case, attackers gained access to personally identifiable information from a junk employee.

According to Pospieszal, the root question is the problem of users who do not know if they send funds to the right recipient, adding that Crypto is running on a “Trust Me, Bro” model of identity verification and it is not sustainable.

What happens next?

Coinbase said it would voluntarily prove customers who lost funds during the violation and would continue to work with law enforcement to catch those responsible. But for users, it’s a darker path.

The exchange said in a regulatory archiving on Wednesday that the violation affected 69,461 customers. The filing also noted that the violation took place in December 2024 and was not discovered by Coinbase before May 15.

These details are out on the internet now and can even be for sale on the dark web and in shady telegram groups. Following the violation of the lawn book, customer information was published on Raidforums, a dishonest data sharing platform that led to an increase in phishing attempts.

Unfortunately, Coinbase can’t do anything to prevent sharing this leaked information, which lets the affected users try to put as many protective measures as possible. These include changing wallets, changing deposits on exchanges and even changing home addresses to avoid the risk of robberies in the real world. Users whose social security number were leaked should also lock their credit to prevent identity theft.

It can be cumbersome, but as seen earlier this year during the trial of kidnapping headbox founder David Balland (and several other people in the past few weeks), criminals will not stop before extracting the maximum amount of funds, even if it means the application of brutal acts of violence.

This also raises a potential legal question: If a coinbase customer were to be deprived of or assaulted due to the data violation, would coinbase be responsible? Ledger failed to escape a proposed trial earlier this year, with the applicants claiming that Ledger violated his privacy policy and should have had measures in place to prevent violation.

Crypto researcher Molly White also pointed out that Coinbase changed the user deal in April, adding two clauses that limit litigation and required litigation to be filed in New York with changes used on May 15, the same day the violation was announced.

Coinbase responded to Coindesk about White’s claims and stated that the stock exchange had “notified customers well in advance” of the user agreement and that it had a class case that was in place in “years.”

However, Coinbase did not comment on questions related to whether the violation was preventing or how it will protect customers who could be at risk of robberies in the real world in the future.

Read more: Market reaction at Coinbase Hack ‘Overblown,’ Sig Analysts like SEC -Ode sinks stock