Crypto Heist Alert: Retired Artist Loses $2M in Daring Coinbase Impersonation Scam!

Scammers Strike After Coinbase's Customer Support Breach

Holy smokes! Retired artist Ed Suman, 67, got hit hard—losing over $2 million in crypto to slick Coinbase impersonators! These crooks, armed with data possibly snatched from Coinbase's recent customer support breach, zeroed in on Suman in early March.

Imagine this: Suman gets a text out of the blue, looking like it's straight from Coinbase, screaming about sketchy activity on his account. He bites the bait, and boom—a dude claiming to be a Coinbase security guru named Brett Miller rings him up. This guy's so smooth, he even knows Suman's using a Trezor Model One wallet!

These social engineering wizards thrive on planting seeds of doubt. They had Suman convinced his funds were on the chopping block, even though they were chilling offline in a hardware wallet. Crazy, right?

So, Suman gets talked into a so-called "security check," typing his seed phrase into a bogus site that's all decked out like Coinbase's legit interface. Nine days later, another imposter swoops in, saying the first fix was a dud, and guess what? They get him to do it all over again. Poof! All his crypto—17.5 Bitcoin and 225 Ether, worth over $2 million—vanishes into thin air.

Suman, who used to pour his soul into large-scale art for nearly two decades before diving into crypto in 2017, had his assets locked up in cold storage to steer clear of exchange risks. Yet, here we are.

The scammers dropping details about Suman's wallet and stash? Big red flags! Turns out, this might be just one hit in a wave of attacks following a major Coinbase breach the company fessed up to on May 15.

And get this—the breach wasn't some high-tech hack. Nope, it was all about social engineering! Scammers greased the palms of third-party support contractors in India, snagging sensitive customer info like names, account balances, transaction histories, and even bits of Social Security numbers and KYC docs.

Coinbase sniffed out the intrusion with their internal monitoring, but whispers say it might've kicked off as early as January, months before they let the cat out of the bag.

Hold onto your hats—these attackers didn't stop there. They tried to shake down Coinbase for $20 million, threatening to spill the stolen data. Coinbase wasn't playing that game, though.

While Coinbase says less than 1% of their monthly transacting users got hit, that's still tens of thousands of accounts. Even Sequoia Capital's bigwig Roelof Botha got his personal info swiped!

The fallout? Coinbase is staring down the barrel of $180–$400 million in costs for fixing this mess and making it right. They've promised to cough up for scam victims tied to the breach, but Suman's still waiting to hear if he'll see a dime back.