Coinbase Says Workers Were Bribed in Massive Data Theft Attempt

Coinbase says hackers bribed overseas workers to steal user data and demand $20M. It’s now offering a bounty instead of paying up.

Coinbase, the largest U.S. cryptocurrency exchange, said hackers bribed customer support agents outside the U.S. to steal sensitive customer data, and then demanded $20 million in Bitcoin to keep the breach quiet.

The company revealed through its Thursday announcement that the breach affected fewer than 1% of its active users each month. The stolen data included names, addresses, phone numbers, partial Social Security numbers, bank details, and government ID images. However, login credentials and access to wallets were not compromised, Coinbase said.

Bloomberg reported that the hackers planned to use the stolen data to impersonate Coinbase and trick users into handing over their crypto. The cyber criminals bribed and recruited some of Coinbase’s support agents and contractors outside the U.S. Those workers have been fired.

Bloomberg reported that Coinbase announced it will not give in to the ransom demand while simultaneously reaching out to law enforcement agencies. The company provides a $20 million reward to anyone who helps track down and prosecute the attackers.

Bloomberg reported that remediation costs and reimbursements could reach between $180 million and $400 million but the actual amount may shift based on ongoing investigations. The company has made a promise to reimburse all users who experienced financial losses because of the breach.

CEO Brian Armstrong revealed through video that Coinbase had detected unusual support agent behavior throughout the preceding months leading up to the attack.

Forbes notes that the breach occurred during a period when crypto security has become a major point of concern. Research indicates that the crypto industry lost more than $2.2 billion to cyberattacks throughout 2024.