Insight Partners
January 16, 2025
•[ ransomware, social engineering, data leak ]
On January 16, 2025, Insight Partners detected a cyberattack following a social engineering intrusion first traced to October 2024. Attackers exfiltrated sensitive files related to funds, management companies, portfolio companies, banking and tax records, and personally identifiable data of employees, partners, and investors. More than 12,000 individuals were affected. The incident escalated into a ransomware attack, with systems partially encrypted before containment. No named threat group has been identified, but the actor is criminal and financially motivated.
Coinbase users
December 1, 2024
•[ phishing, social engineering ]
Between December 2024 and January 2025, criminal phishing campaigns impersonating Coinbase support stole approximately $65 million in cryptocurrency from hundreds of users worldwide. Attackers used fake login pages, wallet-draining scripts, and social-engineering messages to capture credentials and bypass two-factor authentication. Coinbase confirmed that its own systems were not breached.
