Data Breach at Coinbase: Hackers Demand $20 Million Ransom for Stolen Customer Data
The U.S.-based cryptocurrency exchange Coinbase has become the target of a major cyberattack, in which hackers gained access to sensitive customer data by bribing third-party support contractors. The attackers demanded a $20 million ransom, which Coinbase refused to pay. Instead, the company launched a comprehensive investigation and promised compensation for affected users.
May 16, 2025 10:15
The Attack: Insider Bribery and Data Theft
On May 11, 2025, Coinbase received an email from unidentified hackers claiming they had accessed customer data by bribing external support staff outside the United States. The stolen data included names, addresses, phone numbers, email addresses, partial Social Security numbers, banking details, and copies of identification documents. The attackers’ goal was to impersonate Coinbase and defraud customers by tricking them into sending cryptocurrency to the hackers.
Ransom Demand and Coinbase's Response
The hackers demanded $20 million in Bitcoin to prevent the release of the stolen information. Coinbase CEO Brian Armstrong rejected the ransom and instead offered a $20 million reward for information leading to the arrest of those responsible. The company dismissed the involved contractors and is cooperating closely with law enforcement agencies to track down the perpetrators.
Impact and Security Measures
Coinbase estimates the financial impact of the breach at between $180 million and $400 million, covering costs related to mitigation and customer compensation. Although less than 1% of users were affected, the company has pledged to fully reimburse any customer who suffered a financial loss as a result of the incident. Coinbase has also enhanced its security infrastructure, including stricter identity verification and the establishment of a new support center with reinforced protections.
Industry Reactions and Outlook
Despite the breach, Coinbase’s response has been well-received within the industry. Ari Redbord of TRM Labs praised the company’s transparency and proactive measures. The incident underscores ongoing cybersecurity challenges in the crypto space, which saw over $2.2 billion lost to attacks in 2024 alone.
Coinbase remains under scrutiny, especially as it prepares for inclusion in the S&P 500 index on May 19, 2025. The company continues to emphasize its commitment to transparency and customer security, aiming to restore and maintain user trust.
