Retired artist Ed Suman lost over $2 million in cryptocurrency earlier this year after falling victim to a scam involving someone posing as a Coinbase support representative.

Suman, 67, spent nearly two decades as a fabricator in the art world, helping build high-profile works such as Jeff Koons’ Balloon Dog sculptures, according to a May 17 report by Bloomberg.

After retiring, he turned to cryptocurrency investing, eventually accumulating 17.5 Bitcoin (BTC) and 225 Ether (ETH) — a portfolio that comprised most of his retirement savings.

He stored the funds in a Trezor Model One, a hardware wallet commonly used by crypto holders to avoid the risks of exchange hacks. But in March, Suman received a text message appearing to be from Coinbase, warning him of unauthorized account access.

After responding, he got a phone call from a man identifying himself as a Coinbase security staffer named Brett Miller. The caller appeared knowledgeable, correctly stating that Suman’s funds were stored in a hardware wallet.

He then convinced Suman that his wallet could still be vulnerable and walked him through a “security procedure” that involved entering his seed phrase into a website mimicking Coinbase’s interface.

Nine days later, a second caller claiming to be from Coinbase repeated the process. By the end of that call, all of Suman’s crypto holdings were gone.

Related: Bitcoin breaks out while Coinbase breaks down: Finance Redefined

Coinbase suffers major data breach

The scam followed a data breach at Coinbase disclosed this week, in which attackers bribed customer support staff in India to access sensitive user information.

Stolen data included customer names, account balances, and transaction histories. Coinbase confirmed the breach impacted roughly 1% of its monthly transacting users.

Among those affected was venture capitalist Roelof Botha, managing partner at Sequoia Capital. There is no indication that his funds were accessed, and Botha declined to comment.

Coinbase’s chief security officer, Philip Martin, reportedly said the contracted customer service agents at the center of the controversy were based in India and had been fired following the breach.

The exchange has also said it plans to pay between $180 million and $400 million in remediation and reimbursement to affected users.

Magazine: Arthur Hayes $1M Bitcoin tip, altcoins’ powerful rally’ looms: Hodler’s Digest, May 11 – 17

United Kingdom crypto companies will need to collect and report data from every customer trade and transfer beginning Jan. 1, 2026 as part of a broader effort to improve crypto tax reporting, the UK government said.

Everything from the user’s full name, home address and tax identification number will need to be collected and reported for every transaction, including the cryptocurrency used and the amount moved, the UK Revenue and Customs department said in a May 14 statement.

Details of companies, trusts and charities transacting on crypto platforms will also need to be reported.

Failure to comply or inaccurate reporting may incur penalties of up to 300 British pounds ($398.4) per user. The UK Revenue and Customs department said it would inform companies on how to comply with the incoming measures in due course.

However, UK authorities are encouraging crypto firms to start collecting data now to ensure compliance readiness.

The new rule is part of the UK’s integration of the Organisation for Economic Development’s Cryptoasset Reporting Framework to improve transparency in crypto tax reporting.

The changes reflect the UK government’s aim to establish a more robust regulatory framework that supports industry growth while ensuring consumer protection.

Related: Bitwise lists four crypto ETPs on London Stock Exchange

UK Chancellor Rachel Reeves also introduced a draft bill in late April to bring crypto exchanges, custodians and broker-dealers within its regulatory reach to combat scams and fraud.

“Today’s announcement sends a clear signal: Britain is open for business — but closed to fraud, abuse, and instability,” Reeves said at the time.

A study from the UK’s Financial Conduct Authority last November found that 12% of UK adults owned crypto in 2024 — a significant increase from the 4% reported in 2021.

UK’s approach contrasts with EU’s MiCA

The UK’s move to integrate the crypto rules into its existing financial framework contrasts with the European Union’s approach, which introduced the new Markets in Crypto-Assets Regulation framework last year.

According to the MiCA Crypto Alliance, one key difference is that the UK will allow foreign stablecoin issuers to operate in the UK without needing to register.

There will also be no cap on stablecoin volumes, unlike the EU’s approach, which may impose controls on stablecoin issuers to manage systemic risks.

Magazine: Crypto wanted to overthrow banks, now it’s becoming them in stablecoin fight

Hong Kong police arrested 12 people involved in a cross-border money laundering scheme that relied on crypto and over 500 stooge bank accounts to launder HK$118 million ($15 million), local news outlets reported.

The syndicate was dismantled on May 15, resulting in the arrest of nine men and three women in mainland China and Hong Kong.

The suspects allegedly recruited others to open bank accounts to receive proceeds from fraud cases, which were then converted into crypto at crypto exchange shops to launder the illicit funds, Hong Kong Commercial Daily reported on May 17.

The criminal organization rented a residential unit in the Hong Kong neighborhood of Mong Kok to plan and carry out its money laundering activities. Of the $15 million laundered, more than $1.2 million was linked to 58 reported fraud cases.

Caught in action

The bust followed police surveillance on May 15, when two recruits left the syndicate’s Mong Kok base — one visiting a bank, the other an ATM — before both went to convert the cash into crypto at a crypto exchange shop in the neighborhood of Tsim Sha Tsui.

Police arrested both individuals on the spot, seizing around HK$770,000 ($98,540) in cash before the funds could be laundered. The other 10 individuals, aged between 20 and 41, were arrested soon after.

Police seized approximately HK$1.05 million ($134,370) in cash, over 560 ATM cards, multiple mobile phones, bank documents and records related to crypto transactions.

Senior Inspector Tse Ka-lun of Hong Kong’s Commercial Crime Bureau claimed that the individuals often used bank accounts from their friends and family to launder the stolen funds. 

Hong Kong reported a 12% year-on-year increase in fraud reports in 2024, with authorities making more than 10,000 fraud-related arrests. Of those arrests, around 73% involved individuals who held stooge bank accounts.

Related: DOJ charges 12 more gamer-turned $263M Bitcoin robbers

The crackdown comes as Hong Kong continues to roll out its crypto regulatory framework to support local innovation, protect consumers and establish itself as a crypto hub.

Hong Kong’s Securities and Futures Commission introduced new rules for crypto exchanges offering staking services in April. Two months earlier, the securities regulator rolled out a roadmap to improve market access, optimize compliance, expand product offerings, strengthen crypto infrastructure and foster relationships with industry players. 

Magazine: Crypto wanted to overthrow banks, now it’s becoming them in stablecoin fight