Hackers infiltrated Nasdaq-listed cryptocurrency exchange Coinbase by paying off a small group of overseas support contractors, the company disclosed, leading to a breach that exposed sensitive customer data and triggered a $20 million extortion attempt.
According to a regulatory filing and accompanying blog post, the attackers stole information tied to fewer than 1% of Coinbase’s monthly active users.
The compromised data includes full names, phone numbers, partial social security numbers, masked bank account details, and images of government-issued IDs. The exchange said that passwords, private keys, and access to wallets were not taken.
The attack unfolded through an internal betrayal: cybercriminals allegedly offered bribes to outsourced support agents in exchange for access to the company’s customer service systems.
Once inside, the attackers gathered data that was later used to impersonate Coinbase in phishing and other social engineering attempts targeting customers.
Coinbase first detected the breach through its internal systems and fired the involved employees.
On May 11, the attackers escalated, sending an email to the company claiming they had the stolen information and demanding payment to keep it under wraps.
The exchange said it rejected the ransom and instead launched a $20 million reward fund to aid law enforcement efforts.
“We’re cooperating closely with law enforcement to pursue the harshest penalties possible,” the company wrote. “[We] will not pay the $20 million ransom demand we received.”
To reduce future risk, Coinbase is moving to open a U.S.-based support hub, adding new withdrawal safeguards, and increasing investment in insider threat detection. The company also pledged to reimburse affected users who were tricked into transferring funds as a result of the breach. The exchange estimated this could cost it $180 to $400 million, although it’s still assessing the extent of the damage.
The incident comes roughly one month after blockchain sleuth ZachXBT warned that some users on Coinbase were somehow getting hacked.
SEC clears a faster path for spot crypto ETFs The U.S. Securities and Exchange Commission…
Key points Nine banks from eight countries formed a Dutch company to issue a euro-pegged…
Revolutionizing AI Infrastructure: Transforming Wasted Energy into Autonomous Intelligence on the Blockchain Panama City, 25th…
Aster DEX is leaning into a privacy-first roadmap, plus some pointed competitive jabs at Hyperliquid,…
Brighton, UK, 24th September 2025, ZEX PR WIRE, Fintradix has announced the deployment of its…
Solana (SOL) has slumped 12% in 48 hours, dragged lower by a wave of liquidations…