Hackers targeted the Instagram account of hip-hop group Migos, exposing Solana co-founder Raj Gokal’s personal information. This attack, which included leaked Know Your Customer (KYC) images, may be connected to a recent Coinbase data breach.
Hackers got Gokal’s passport, ID, phone number, and personal family details. “You have to wonder, what’s the level of security on social media?” he later wrote via his Twitter account. After Gokal is alleged to have refused a ransom demand of 40 BTC, worth roughly $4.4 million, the attackers used the compromised account to post sensitive data. The information was leaked for almost 90 minutes until it was removed, receiving thousands of interactions.
Gokal and Migos’ accounts compromised
Raj Gokal reported multiple hacking attempts on his personal accounts, including email and social media platforms, just days before the breach. On May 27, hackers hijacked the Migos Instagram page, which has over 13 million followers. They posted KYC images of Gokal and his wife, revealing private addresses and other details.
Security analysts said social engineering and phishing techniques were widely used to breach the web application successfully. The attackers who changed Migos’ Instagram bio to advertise a meme coin also posted Gokal’s information alongside a ransom message. However, this incident has raised even more questions regarding platform security and the response times that major companies like Meta take.
Coinbase data breach raises security concerns
Coinbase revealed a security breach affecting 69,461 customers, which is less than 1% of its user base. The breach, which spanned from December 26, 2024, to earlier this month, compromised sensitive personal data, including names, contact details, masked Social Security numbers, and bank account information.
The attackers bribed overseas customer support staff to steal data. Coinbase’s chief legal officer, Paul Grewal, stated that the company had alerted law enforcement agencies, including the U.S. Department of Justice, and launched an internal investigation. Coinbase clarified that no funds, passwords, or private keys were compromised and that its Prime user accounts were not affected.
Experts call for stronger security measures
Commenting on Instagram’s recurring security vulnerabilities, especially with inactive celebrity accounts industry experts, including online analyst ZachXBT, confirmed the platform’s turn in the trend. The matter also raised fresh calls for better social media security and quicker responses to breaches.
While Instagram reportedly removed the posts quickly, some were concerned about how personal data is protected on these sites. According to additional reports, “Arvind” also had his Solana balance leaked through the same Migos account, and a number of links were posted to a Telegram group, where illegal distribution of unreleased music was suggested. The incident puts pressure on platforms to protect their data better.