Coinbase reveals insider bribery led to the theft of sensitive customer data, with hackers now demanding $20 million in Bitcoin. CEO vows justice and offers $20 million bounty for information leading to arrests.
Coinbase, the largest cryptocurrency exchange in the United States, is grappling with a major security crisis after revealing that cybercriminals accessed sensitive customer information and are now demanding a $20 million (€17.6 million) ransom to keep the data from being leaked.
According to Coinbase CEO Brian Armstrong, the breach stemmed from an internal betrayal, with several offshore customer service agents accepting bribes to hand over confidential data, including customer names, birth dates, and fragments of national ID numbers. Armstrong disclosed the information in a social media post on Thursday.
The attackers have exploited the stolen data to orchestrate highly convincing social engineering scams. “The stolen data allows them to conduct social engineering attacks where they can call our customers impersonating Coinbase customer support and try to trick them into sending their funds to the attackers,” Armstrong warned.
Social engineering remains one of the most effective hacking strategies in the digital age, often targeting human vulnerabilities rather than system flaws. The tactic has been behind numerous corporate data breaches in recent years.
Coinbase has not specified how many users have been affected or how many have fallen victim to fraud, but the exchange has pledged full reimbursement for any losses incurred as a result of the incident.
In a regulatory filing with the U.S. Securities and Exchange Commission (SEC), Coinbase estimated the financial fallout from the breach could range between $180 million and $400 million (€158 million to €352 million), citing costs related to remediation and customer reimbursements. The filing further noted that certain employees had accessed customer data “without business need,” leading to their termination.
The situation escalated over the weekend when the attackers reportedly sent Coinbase an email demanding $20 million in Bitcoin to prevent public exposure of the stolen data. However, Armstrong stated that the company would not negotiate with the hackers.
Instead, he announced a $20 million (€17.6 million) bounty for information that could lead to the identification and arrest of the culprits. “For these would-be extortionists or anyone seeking to harm Coinbase customers, know that we will prosecute you and bring you to justice,” he declared. “And know you have my answer.”
The company has since implemented enhanced fraud prevention measures and continues to work closely with law enforcement as the investigation unfolds.
