Cryptocurrency powerhouse Coinbase revealed it faces potential losses of up to $400 million following a sophisticated cyber attack that compromised customer data.
“Cyber criminals bribed and recruited a group of rogue overseas support agents to steal Coinbase customer data to facilitate social engineering attacks,” the company explained. “These insiders abused their access to customer support systems to steal the account data for a small subset of customers.”
The incident, which was disclosed after hackers contacted the company on May 11, involved malicious actors who paid overseas contractors and employees to extract sensitive information from internal systems.
Leading Crypto Exchange Battles Hackers
According to Coinbase’s blog post, attackers gained access to “less than 1%” of customer accounts, including names, addresses, and emails—though login credentials and passwords remained secure. The compromised data enabled criminals to impersonate the company, tricking victims into transferring cryptocurrency to fraudulent addresses.
The disclosure triggered a 4.1% drop in Coinbase’s share price, creating market uncertainty just days before the company’s historic inclusion in the S&P 500 index—a watershed moment for cryptocurrency’s mainstream acceptance.
In a defiant stance, Coinbase rejected the hackers’ $20 million ransom demand. Instead, the company established a matching $20 million reward fund for information leading to the criminals’ arrest and conviction. Additionally, Coinbase promised to fully reimburse all customers who lost funds in the scam.
Growing Crypto Industry Threats
This attack highlights the escalating security challenges facing the maturing cryptocurrency sector. Earlier this year, Bybit suffered what many consider the largest crypto heist in history, losing digital tokens worth approximately $1.5 billion.
In response to the breach, Coinbase immediately terminated the employees involved and is implementing enhanced security measures. The company emphasized that “no passwords, private keys, or funds were exposed and Coinbase Prime accounts are untouched.”
“Security and transparency are core to Coinbase,” the company stated. “Instead of funding criminal activity, we have investigated the incident, reinforced our controls, and will reimburse customers impacted by this incident.”
Coinbase has implemented additional safeguards for affected accounts, including mandatory ID checks on large withdrawals and scam-awareness prompts. The company is also opening a new support hub in the U.S. and strengthening security controls across all locations.
The security incident comes amid significant developments in the broader cryptocurrency landscape. Bitcoin’s recent surge back above $100K has triggered a fresh wave of retail and institutional interest, along with moves among several US states to add bitcoin to their treasury reserves.
Simultaneously, federal regulators are finalizing a comprehensive crypto oversight framework that would impose stricter security requirements on exchanges like Coinbase—potentially preventing similar breaches while bolstering consumer confidence in digital asset platforms.
“Crypto adoption depends on trust,” Coinbase concluded in its statement. “To the customers affected, we’re sorry for the worry and inconvenience this incident caused. We’ll keep owning issues when they arise and investing in world-class defenses—because that’s how we protect our customers and keep the crypto economy safe for everyone.”
