Hackers infiltrated Nasdaq-listed cryptocurrency exchange Coinbase by paying off a small group of overseas support contractors, the company disclosed, leading to a breach that exposed sensitive customer data and triggered a $20 million extortion attempt.
According to a regulatory filing and accompanying blog post, the attackers stole information tied to fewer than 1% of Coinbase’s monthly active users.
The compromised data includes full names, phone numbers, partial social security numbers, masked bank account details, and images of government-issued IDs. The exchange said that passwords, private keys, and access to wallets were not taken.
The attack unfolded through an internal betrayal: cybercriminals allegedly offered bribes to outsourced support agents in exchange for access to the company’s customer service systems.
Once inside, the attackers gathered data that was later used to impersonate Coinbase in phishing and other social engineering attempts targeting customers.
Coinbase first detected the breach through its internal systems and fired the involved employees.
On May 11, the attackers escalated, sending an email to the company claiming they had the stolen information and demanding payment to keep it under wraps.
The exchange said it rejected the ransom and instead launched a $20 million reward fund to aid law enforcement efforts.
“We’re cooperating closely with law enforcement to pursue the harshest penalties possible,” the company wrote. “[We] will not pay the $20 million ransom demand we received.”
To reduce future risk, Coinbase is moving to open a U.S.-based support hub, adding new withdrawal safeguards, and increasing investment in insider threat detection. The company also pledged to reimburse affected users who were tricked into transferring funds as a result of the breach. The exchange estimated this could cost it $180 to $400 million, although it’s still assessing the extent of the damage.
The incident comes roughly one month after blockchain sleuth ZachXBT warned that some users on Coinbase were somehow getting hacked.
Broker confirms UAE and Mauritius licences cover distinct parts of its business, while independent reviews…
Integration expands the diversity of liquidity available to banks, brokerages, and fintechs powered by zerohash…
Dubai, United Arab Emirates, 10th July 2026: Dubai Health has announced a strategic collaboration with Rush…
Dubai, United Arab Emirates, Jul 09, 2026 — Ajman Bank, rated BBB+ (Stable) by Fitch, has successfully…
Industrial engineer and military logistics officer Michael Curtis Broughton is raising awareness of the critical…
Sebastian Pastor, President of Hospital Maria and board member of multiple organizations in Tegucigalpa, Honduras,…