Date: 2025-05-22 Incident Overview A sophisticated API exploit targeting Coinbase allowed attackers to bypass multi-factor authentication (MFA) and drain ~$15M from user accounts. The breach exploited flaws in Coinbase’s OAuth token validation and targeted high-net-worth individuals. Affected Systems: – Coinbase user accounts (primarily institutional clients) – Third-party apps integrated via Coinbase API Timeline of Events…