The Block founder Mike Dudas sounded the alarm in a social media post on June 5, warning that he received a fake letter at his home address.
The letter included his personal details and claimed to offer identity protection services on behalf of Coinbase and IDX, suggesting the scammers are using data obtained during the breach.
Dudas warned:
“Your data is now everywhere, and you are a global target. Stay vigilant, stay safe.”
The correspondence impersonated IDX, a legitimate identity protection service Coinbase has used in the past, and attempts to trick recipients into responding with more information.
While Coinbase has maintained that passwords and crypto funds remain safe, security experts warn that the breadth of the leaked information leaves users vulnerable to identity fraud, social engineering, and now—offline impersonation scams.
Coinbase has not yet issued a statement on the mail-based scam. The company previously announced enhanced security measures, voluntary credit monitoring offers, and a $20 million reward for information leading to the attackers’ arrest.
With personal data in circulation and new vectors of attack emerging, cybersecurity professionals urge affected users to monitor credit reports, validate all communications, and report any suspicious letters to both Coinbase and law enforcement.