Alan Sudderman
Coinbase, the largest US-based cryptocurrency exchange, said Thursday that criminals had improperly acquired personal data about exchange customers for use in crypto theft fraud and had requested a $20 million payment to prevent information from being released.
Coinbase CEO Brian Armstrong said in a social media post that the offender has bribeed some of the customer service agents for companies living outside the US and handed over personal data about the customer, including their names, date of birth and partial Social Security numbers.
“(Stolen data) allows for social engineering attacks. Social engineering attacks can help customers impersonate Coinbase customer support and force attackers to send funds,” says Armstrong.
Social engineering is a popular hacking strategy, as humans tend to be the weakest links in any network. Many large companies have suffered hacking and data breaches in recent years as a result of such frauds.
Coinbase did not specify the number of customers who were stolen or prey to a social engineering scam. However, the company pledged to refund who did it.
Coinbase stocks fell 6% in trading around noon. It’s still up around 22% this month due to an increase in Bitcoin and other cryptocurrencies.
In its filing with the Securities and Exchange Commission, Coinbase estimated that it would need to spend between $180 million and $400 million “in relation to repair costs related to the case and voluntary customer reimbursement.”
SEC Filing said the company detected “the previous month” that some customer service agents “access data that doesn’t require business.” The employees have been fired and the company said it has stepped up its fraud prevention efforts.
Coinbase said it received an email from the attacker on Sunday saying it would not release stolen customer data, demanding a $20 million worth of Bitcoin ransom.
Armstrong said the company refused to pay the ransom and instead would offer a $20 million reward to anyone who provided information that led to the arrest of the attacker.
“For those who want to harm these horrible people and those who want to harm Coinbase customers, we know that we will prosecute you and lead you to justice,” Armstrong said. “And I know you have my answer.”
Original issue: May 15th, 2025, 5:15pm EDT
