The aftermath of the recent data breach at Coinbase has taken a disturbing turn as victims are now reporting receiving fraudulent physical letters in the mail. These letters are exploiting the exposed personal information of users in an attempt to carry out a credit protection scam.
The Block founder Mike Dudas raised the alarm on June 5 after receiving a fake letter at his home address. The letter contained his personal details and claimed to offer identity protection services on behalf of Coinbase and IDX, indicating that scammers may be using data obtained during the breach.
Dudas issued a warning to others, stating, “Your data is now everywhere, and you are a global target. Stay vigilant, stay safe.”
This new form of phishing via US postal mail is a departure from the more common digital means typically used in crypto-related scams. The scam letters impersonate IDX, a legitimate identity protection service that Coinbase has previously utilized, and aim to deceive recipients into providing additional information.
The shift to physical mail underscores the real-world consequences of the breach, which exposed sensitive information of 69,461 Coinbase users, including names, addresses, partial Social Security numbers, and identification images. While Coinbase has assured users that passwords and crypto assets are secure, security experts caution that the extent of the leaked data leaves individuals susceptible to identity theft, social engineering, and now, offline impersonation scams.
The original breach was attributed to compromised customer support contractors working overseas who were reportedly bribed. The stolen data has since been utilized by cybercriminals in various scams, including phishing emails, fake login portals, and now physical mail schemes.
Coinbase has yet to address the mail-based scam specifically. However, the company has implemented heightened security measures, offered voluntary credit monitoring services, and set up a $20 million reward for information leading to the apprehension of the attackers.
In light of the circulating personal data and the emergence of new attack methods, cybersecurity professionals advise affected users to regularly monitor their credit reports, verify the authenticity of all communications, and report any suspicious letters to both Coinbase and law enforcement agencies.
For more information on this topic, see the latest Alpha Market Report.