Authored by Zoltan Vardai via CoinTelegraph.com,

A recent data breach at crypto exchange Coinbase has raised concerns about user safety after hackers gained access to sensitive information, including home addresses.

Coinbase, the world’s third-largest cryptocurrency exchange, confirmed that less than 1% of its transacting monthly users were affected in an attack that may cost the exchange up to $400 million in reimbursement expenses, Cointelegraph reported on May 15.

However, the “human cost” of this data breach may be much higher for users, according to Michael Arrington, the founder of TechCrunch and Arrington Capital.

“Very disappointed in Coinbase right now. Using the cheapest option for customer service has its price,” Arrington said in a May 20 X post, adding:

“Something that has to be said though - this hack - which includes home addresses and account balances - will lead to people dying. It probably has already.”

Source: Michael Arrington

While no passwords, private keys or account funds were exposed, cybercriminals reportedly bribed overseas customer service contractors to access internal systems. This allowed them to steal personal data that could be used in social engineering scams or even physical extortion attempts.

With Bitcoin trading above $100,000, crypto wealth has become a growing target for criminals. Experts warn that leaked address data could expose high-net-worth individuals to real-world risks.

On May 16, Cointelegraph reported on six violent robberies that targeted cryptocurrency investors, aiming to extort digital assets via kidnapping or torture.

In a ruthless attack on May 4, the father of a French crypto entrepreneur was abducted in Paris, France. The kidnappers cut the victim’s finger and sent a video to his son, demanding 5 million euros in crypto.

The victim was held for two days before French police were able to find and rescue him. According to CNN, five people were arrested in connection with the kidnapping.

Crypto exchanges need “layered” cybersecurity

To prevent similar user data breaches, crypto exchanges need to adopt a “layered defense strategy,” according to Ronghui Gu, the co-founder of CertiK Web3 security firm.

“This can include privileged access management, zero trust architecture, multifactor authentication across internal systems, and continuous monitoring with behavioral analytics,” Gu told Cointelegraph, adding:

“Preventive measures such as regular phishing simulations, tailored security training, and restricting third-party access to sensitive systems may help reduce these risks.”

However, crypto platforms will need to “rethink their security posture” as attackers “increasingly target human vulnerabilities rather than technical ones,” added Gu, warning of the rising threat of social engineering schemes.

Incidents and losses in 2024 by month. Source: CertiK

Social engineering schemes, such as phishing scams, were the most significant security threat of 2024, costing the industry over $1 billion across 296 incidents, according to CertiK.