Coinbase Rejects $20M Ransom, Pledges Same Bounty After Insider Leak Hits 1% of Users

By: crypto news|2025/05/15 15:17:05
0
Share
copy
$20 million ransom demand flipped into a matching bounty when Coinbase disclosed this week that bribed overseas support staff leaked partial data on less than 1% of its users, reigniting fears of insider threats across crypto exchanges.Cyber criminals bribed and recruited rogue overseas support agents to pull personal data on https://t.co/SidVn59JCV— Coinbase (@coinbase) May 15, 2025The crypto exchange says a group of rogue agents were bribed by cybercriminals to copy sensitive data, which was then used in a social engineering campaign to impersonate Coinbase and defraud users.Although no customer funds, passwords, or private keys were accessed, the attackers obtained partial personal information, including names, contact details, masked Social Security and bank account numbers, and in some cases, images of government-issued IDs. Coinbase emphasized that Coinbase Prime users were not impacted and that no direct access to hot or cold wallets was ever at risk.“We’re committed to full transparency,” Coinbase said in a public statement, “and instead of giving in to the $20 million ransom demand, we’re establishing a $20 million reward fund to bring the criminals to justice.”The Anatomy of the AttackAccording to Coinbase, the breach occurred when criminals targeted overseas support agents and offered them financial incentives to participate in the scheme. A small number of insiders accepted the bribes and abused their privileged access to copy data stored in customer support tools.The attackers then attempted to extort the company, threatening to release the stolen information unless Coinbase paid a $20 million ransom. The exchange declined the demand, opting instead to notify affected users and bolster its internal and external security infrastructure.The stolen data included transaction histories, account balances, and some internal documentation accessible to support agents. However, the attackers did not obtain passwords, two-factor authentication codes, private keys, or access to any wallets, thus preventing direct theft of funds.Coinbase’s Response and Customer SupportIn response to the breach, Coinbase has pledged to reimburse retail customers who were tricked into sending funds to scammers through social engineering tactics. These reimbursements will be made after a thorough review process. Affected accounts are now subject to increased withdrawal security protocols, including additional ID checks and scam-awareness prompts.Coinbase said it is also taking steps to reinforce its global support operations. For example, a new customer support hub is being established in the United States, and enhanced insider-threat detection systems are being rolled out across all service locations.The company has intensified internal simulations to stress-test its security infrastructure and isolate potential vulnerabilities.All impacted users have received direct communication, and Coinbase is working closely with law enforcement agencies both in the U.S. and internationally. The rogue employees involved were immediately terminated and referred for criminal prosecution.A Call for AccountabilityRather than succumbing to extortion, Coinbase said it is offering a $20 million reward for information that leads to the arrest and conviction of those responsible for the breach. Anyone with credible information is encouraged to contact the company at [email protected]. In parallel, Coinbase and its partners have tagged crypto wallet addresses associated with the attackers to aid in asset recovery.Coinbase is also reminding users to stay vigilant against scams and impersonators. Customers are urged to never share passwords or 2FA codes, and to lock their accounts immediately if something seems suspicious.“Trust is foundational to crypto adoption,” Coinbase said in its closing statement. “We’re sorry for the concern this incident caused and remain committed to transparency and protecting our users at every step.”Huge Blow for the CompanyCommenting on the cyber attack on Coinbase, Nick Jones, founder and CEO at Zumo, said: “Unfortunately, as our nascent industry grows rapidly, it draws the eye of bad actors, who are becoming increasingly sophisticated in the scope of their attacks and harnessing new AI tools and techniques to bypass fraud prevention measures.”“This is understandably a huge blow for a company that has had a pivotal few weeks, announcing the acquisition of Deribit in the digital market’s largest deal to date, and then joining the S&P 500.”“This attack underlines the critical importance of robust cybersecurity measures. The European Union (EU) introduced its Digital Operational Resilience Act (DORA) earlier this year with an emphasis on financial institutions ensuring the resilience of their supply chain, promoting better data hygiene, and sharing usable insights on attacks they have experienced to strengthen the industry’s perimeter. This seems particularly pertinent as it emerges that the hack occurred when attackers bribed overseas support staff,” Jones added.The post Coinbase Rejects $20M Ransom, Pledges Same Bounty After Insider Leak Hits 1% of Users appeared first on Cryptonews.

-- Price

--

You may also like

Former ByteDance employee's account: How I started with two Pinduoduo hard drives and made six times the profit with Seagate to achieve financial freedom?

A programmer from a big tech company bought hard drives on Pinduoduo and, following clues, managed to accurately capture the sixfold rising stock Seagate using the "finding daily anomalies + 13F institutional verification" framework, making a wild profit of $400,000 and achieving financial freedom.

MiCA reshuffle begins, Binance temporarily bids farewell to the EU

What Binance leaves behind is not scattered retail investors, but a whole batch of high-value users who are forced to liquidate and have almost nowhere to go.

How does Gate redo "buying and selling stocks" from the cryptocurrency world to the stock market?

The competition logic of exchanges has changed.

Visa and Mastercard join 140 giants to launch a new stablecoin, but the impact on the market landscape may still be limited

As an important milestone event in the stablecoin landscape, OUSD is likely to change the existing stablecoin landscape and significantly increase the adoption rate of stablecoins in the global financial system.

Circle CEO responds to OUSD's challenge: Stablecoins are a winner-takes-all business, and we will not slow down

OUSD was jointly launched by more than 140 giants, causing Circle's stock price to plummet in a single day. Circle's CEO personally wrote a response, clarifying USDC's moat from three aspects: network effects, liquidity, and regulation, and dismantling OUSD's three selling points of "free redemption...

Argentina vs Cape Verde: When a Record-Breaking Legend Meets an Unbreakable Underdog

WEEX exclusive pre-match analysis of Argentina vs Cape Verde, exploring Messi-led Argentina’s dominance and Cape Verde’s historic defensive breakout, with a breakdown of volatility, structure, and match dynamics.

Contents

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:[email protected]
VIP Program:[email protected]