The fallout from Coinbase’s recent data breach has reached a troubling new phase as victims report receiving fraudulent physical letters in the mail, exploiting their exposed personal information to advance a credit protection scam.
The Block founder Mike Dudas sounded the alarm in a social media post on June 5, warning that he received a fake letter at his home address.
The letter included his personal details and claimed to offer identity protection services on behalf of Coinbase and IDX, suggesting the scammers are using data obtained during the breach.
Warned doubts:
“Your data is now everywhere, and you are a global target. Stay vigilant, stay safe.”
Phishing moves offline
The scam letters represent a rare form of phishing conducted via US postal mail rather than digital means, which is usually the case for crypto-linked scams.
The correspondence impersonated IDX, a legitimate identity protection service Coinbase has used in the past, and attempts to trick recipients into responding with more information.
The shift to physical mail highlights the real-world implications of the breach, which exposed sensitive data of 69,461 Coinbase users, including names, home addresses, partial Social Security numbers, and identification images.
While Coinbase has maintained that passwords and crypto funds remain safe, security experts warn that the breadth of the leaked information leaves users vulnerable to identity fraud, social engineering, and now—offline impersonation scams.
Data breach
The original breach was linked to bribed customer support contractors working overseas. The compromised data has since been leveraged by cybercriminals in phishing emails, fake login portals, and now physical mail.
Coinbase has not yet issued a statement on the mail-based scam. The company previously announced enhanced security measures, voluntary credit monitoring offers, and a $20 million reward for information leading to the attackers’ arrest.
With personal data in circulation and new vectors of attack emerging, cybersecurity professionals urge affected users to monitor credit reports, validate all communications, and report any suspicious letters to both Coinbase and law enforcement.
Mentioned in this articleLatest Alpha Market Report
Source link
GIPHY App Key not set. Please check settings