A cyberattack that exploited insider access has forced Coinbase into damage control mode, triggering a potential $400 million hit and intensifying scrutiny on workforce security in the crypto industry.
The hackers behind the breach reportedly stole sensitive customer data and issued a $20 million ransom demand, whichCoinbase refuses to pay, CNBC reported.
The exchange disclosed that rogue overseas support agents accepted bribes to leak internal documents and data tied to a "small subset" of customer accounts.
This information included names, addresses, emails, account balances, masked bank details, and partial Social Security numbers. Crucially, private keys and passwords were not accessed, and Coinbase said Prime accounts remained secure.
???? BREAKING: Coinbase says cybercriminals bribed overseas support agents to access customer data used in targeted social engineering attacks.Coinbase won’t pay the $20M ransom demand, offering a $20M reward instead for info leading to the attackers’ arrest and conviction. pic.twitter.com/h1b44k9GxY
— Cointelegraph (@Cointelegraph) May 15, 2025
Ransom Rejected
Coinbase said it received an email on May 11 from a threat actor claiming to possess stolen customer data and sensitive internal documentation. Rather than give in to the extortion, Coinbase reported the incident to authorities and launched its own counteroffensive, establishing a $20 million reward fund for information leading to the hackers' arrest.
The company independently detected signs of the breach earlier this year and swiftly fired the implicated contractors. It also reinforced fraud monitoring and alerted affected users.
The breach comes at a pivotal moment for Coinbase. The company is preparing to enter the S&P 500 next week, a landmark achievement for the crypto sector. But the breach now raises questions about internal oversight and the security of third-party staffing.
Despite not losing funds directly to the attack, Coinbase pledged to reimburse users who were deceived into sending crypto to the attackers during social engineering scams. The breach is another reminder of the persistent security challenges in the digital asset space.
A Growing Trend of Sophisticated Cyberattacks
Crypto firms remain frequent targets for hackers. According to Chainalysis, as cited by Reuters, criminals stole $2.2 billion from crypto platforms in 2024 alone. In February, Bybit disclosed what became one of the largest crypto heists in history, with losses of around $1.5 billion.
JUST IN: Bybit founder confirms $1.4 billion $ETH hack, asserts solvency even if losses remain uncovered. pic.twitter.com/8rE3KHrGRL
— Whale Insider (@WhaleInsider) February 21, 2025
Coinbase now plans to open a new support hub stateside and strengthen its operational safeguards. The latest development comes barely a day after Coinbase announced plans to join the S&P 500 index this month. The index tracks the largest 500 publicly listed companies in the US across various sectors, including finance, tech, healthcare, and more.
This article was written by Jared Kirui at www.financemagnates.com.
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments