CyberSecurity news

FlagThis

Dissent@DataBreaches.Net //

Coinbase Data Breach Due to Bribed Support Agents

Coinbase recently disclosed a significant data breach resulting from a bribery scheme targeting overseas customer support agents. The breach, which came to light after a $20 million ransom demand, involved rogue contractors who abused their access to exfiltrate customer data. Coinbase has confirmed that these contractors, located outside the United States, were successfully bribed by cybercriminals to access internal systems and steal sensitive information. Upon discovering the unauthorized activity, Coinbase terminated the involved personnel and initiated a thorough internal investigation.

The compromised data, affecting less than 1% of Coinbase's monthly transacting users, includes names, addresses, phone numbers, email addresses, and the last four digits of Social Security numbers. Additionally, masked bank account numbers, some banking identifiers, government-issued ID images such as driver's licenses and passports, and account data including balance snapshots and transaction histories were exposed. Importantly, Coinbase has stated that no passwords, private keys, or access to customer funds were compromised, and Coinbase Prime accounts and wallets were unaffected.

In response to the breach, Coinbase refused to pay the $20 million ransom and instead offered a $20 million reward for information leading to the identification and prosecution of those responsible. The company is also reimbursing customers who mistakenly sent funds to the scammers due to phishing attempts. Furthermore, Coinbase is taking several steps to enhance security, including stricter identity verification, scam-awareness prompts, relocating support functions to a U.S.-based hub, and improving fraud monitoring and insider threat detection capabilities. This incident could potentially cost Coinbase between $180 million and $400 million for remediation and customer reimbursement.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • DataBreaches.Net: Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom
  • fortune.com: Coinbase puts $20 million bounty on crooks who tried to extort firm over stolen customer data
  • BleepingComputer: Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not to publish the stolen information.
  • techcrunch.com: Coinbase says customers’ personal information stolen in data breach. The crypto exchange giant said the hacker was "paying multiple contractors or employees working in support roles," and contacted Coinbase with a ransom demand this week with stolen data, which Coinbase says is "credible."
  • BleepingComputer: Coinbase data breach exposes customer info and government IDs
  • www.bleepingcomputer.com: Coinbase Discloses Breach, Faces Up to $400 Million in Losses
  • The Register - Security: Coinbase says some of its overseas support staff were paid off to steal information on behalf of cybercriminals, and the company is now being extorted for $20 million.
  • Zack Whittaker: Coinbase CEO says the hacker demanded $20 million in a ransom payment not to publish the stolen data. A Coinbase spokesperson tells me that less than 1% of its monthly customers are affected.
  • techxplore.com: Coinbase, the largest cryptocurrency exchange based in the U.S., said Thursday that criminals had improperly obtained personal data on the exchange's customers for use in crypto-stealing scams and were demanding a $20 million payment not to publicly release the info.
  • Metacurity: Hacking incident could cost Coinbase $400 million, $20 million reward offered
  • securityaffairs.com: Coinbase disclosed a data breach after an extortion attempt
  • thecyberexpress.com: Coinbase details insider data theft that led to a $20 million ransom demand. In a and , Coinbase – the third largest crypto exchange by volume – said it will reimburse any customers tricked into sending funds to the attacker.
  • The Hacker News: The Hacker News reports on Coinbase agents being bribed.
  • Secure Bulletin: Coinbase, one of the world’s largest cryptocurrency exchanges with over 100 million customers, has disclosed a significant data breach orchestrated through insider collusion.
  • cyberinsider.com: Coinbase Hit by Insider Breach and Extortion, User Data Compromised
  • securebulletin.com: Coinbase faces major Data Breach: $400 Million in potential losses
  • www.metacurity.com: Hacking incident could cost Coinbase $400 million, $20 million reward offered
  • Zack Whittaker: Coinbase says it was breached, and customers' personal information stolen. The crypto giant said the hacker was "paying multiple contractors or employees working in support roles," and contacted Coinbase with a ransom demand this week with stolen data, which Coinbase says is "credible."
  • The DefendOps Diaries: Inside the Coinbase Breach: Lessons in Cybersecurity
  • techxplore.com: Coinbase on Thursday said criminals bribed and duped their way to stealing cryptocurrency from its users, then tried to blackmail the exchange to keep the crime quiet.
  • Risky Business Media: Risky Bulletin: Coinbase reveals insider breach, extortion attempt
  • hackread.com: Coinbase Customer Info Stolen by Bribed Overseas Agents
  • techcrunch.com: Coinbase says customers’ personal information stolen in data breach
  • www.techradar.com: Personal information leaked in Coinbase cyberattack, cost could be $400 million
  • Security Latest: Coinbase Will Reimburse Customers Up to $400 Million After Data Breach
  • Matthew Rosenquist: This is how you handle digital extortion! Cybercriminals attempted to extort $20 million from Coinbase, but Coinbase refused and will instead fund a $20 million bounty for those that provide information that leads to the attacker’s arrest!
  • Cybersecurity Blog: Cracking the Coinbase Breach: What Went Wrong and What We Can Learn
  • www.cybersecuritydive.com: The crypto exchange is offering a $20 million reward for information leading to the hackers’ arrest. Coinbase terminated customer support agents who leaked customer data.
  • Threats | CyberScoop: Coinbase flips $20M extortion demand into bounty for info on attackers
  • Bitcoin News: Coinbase says it might cost between $180 million and $400 million to upgrade its security measures and reimburse lost funds.
  • www.csoonline.com: Coinbase ( ), the largest crypto exchange in the US, is offering a $20 million bounty for information leading to those behind a May 2025 breach that compromised customer data.
  • cyberscoop.com: Coinbase is offering a $20 million reward for information leading to the hackers’ arrest.
  • www.cybersecurity-insiders.com: Coinbase, one of the largest cryptocurrency exchanges, has disclosed a significant data breach that exposed sensitive customer information, including government-issued IDs. The attackers contacted Coinbase on May 11, demanding a $20 million ransom to prevent the public release of the stolen data.
  • hackernoon.com: Contractor Backdoor: Coinbase Faces $400M Blow in Major Data Breach
Classification: