Ed Suman, a 67-year-old retired artist, lost $ 2 million of crypto after falling in love with a coin-imitator fraud. In March 2025 he received a text warning before suspicious activities on his coin base account. A person who called himself a Brett Miller then called and claimed to be of Coinbase Security.
Coinbase data injury exposed customers Infofofake Coinbase -website collected seed phrase
The caller said Suman's wallet might be in danger. He instructed him to enter his seed phrase in a spot that resembles coin base. The website called for full access registration information. Suman followed the instructions. Another caller repeated the method nine days later. After that, his Bitcoin and ether stocks disappeared.
Crypto fraud victim of Ed Suman. Source: Bloomberg
Suman had kept 17.5 Bitcoin and 225 Ether in a hardware letter bag of the Trezor model. At that point, Bitcoin was near USD $ 2.507 near $ 103,869. The total value of its investments exceeded 2 million US dollars.
Coinbase data injury exposed customer information
Coinbase confirmed a security violation in May 2025. The attacker passed the contractor based in India to access customer data. The infiltrated information included names, balances and transaction history. According to Coinbase, around 1% of lively monthly users were affected.
Coinbase fraud. Source: nanobaiter on x
Among them was the managing director of Sequoia Capital, Roelof Botha. He declined to comment. Coinbase explained that the contractors involved were released. Philip Martin, Chief Security Officer, confirmed the violation. The company expects the renovation costs between 180 and 400 million US dollars.
Fake Coinbase website collected seed phrase
The phishing site utilized in the fraud looked an identical to the Coinbase interface. It copied branding, login format and support sections. The site asked Suman to enter his seed kit – the private key to his hardware letter bag.
After admission, the attackers received full control. Suman received no warnings. The transfers passed quietly. When he checked his balance, all means had been moved. There were no recovery updates.
The attackers used probably troubled data from the violations of the Coinbase data. They contacted Suman by phone and SMS using accurate account details. They escalated the situation with follow-up calls and guided steps.
Coinbase has made it clear that it was never asked for seed phrases. The violation provided attackers enough information to issue official support. Suman, who was not aware of the violation, followed the instructions. His entire crypto savings disappeared.
