secwatch.observer — SEC 8-K summary
======================================

Issuer:     Coinbase Global, Inc. (COIN)
CIK:        0001679788
Form:       8-K
Filed at:   2025-05-15T23:59:59+00:00
Accession:  0001679788-25-000094
Event type: cyber
Sentiment:  negative
Materiality: 0.85
Item codes: 1.05, 9.01
LLM model:  deepseek-v4-flash:cloud@v2

Coinbase cyber incident: estimated $180M-$400M remediation costs
----------------------------------------------------------------

- Threat actor paid multiple contractors/employees to collect customer data from internal systems; incident detected May 11, 2025.
- Compromised data includes name, address, phone, email, masked SSN (last 4 digits), masked bank accounts, government ID images, account balances and transaction history.
- No compromise of passwords, private keys, or customer funds; targeted personnel had no access to customer funds.
- Preliminary estimated expenses of $180M to $400M for remediation and voluntary customer reimbursements.
- Coinbase will reimburse eligible retail customers who sent funds to threat actor as direct result; cooperating with law enforcement.

Source:
  EDGAR index:    https://www.sec.gov/Archives/edgar/data/1679788/000167978825000094/0001679788-25-000094-index.htm
  Primary doc:    https://www.sec.gov/Archives/edgar/data/1679788/000167978825000094/coin-20250514.htm
  HTML page:      https://secwatch.observer/filing/0001679788-25-000094

License: Source filings: public domain (SEC EDGAR). Summaries (headline + bullets): CC-BY-4.0; attribute https://secwatch.observer