Coinbase Reports a Big Security Breach where Attackers Stole 84,000 Customers Data and are Demanding a $20 Million Ransom

Coinbase reports a big security breach that has shaken the cryptocurrency community. The company revealed that attackers stole 84,000 customers’ data by bribing some of its overseas customer support agents. These rogue agents used their access to leak sensitive personal information, including names, home addresses, phone numbers, email addresses, government ID images, masked bank account numbers, and partial Social Security numbers. While no passwords, private keys, or funds were directly stolen, this breach has exposed many users to serious risks of fraud and scams.

The attackers are demanding a $20 million ransom in Bitcoin to keep the stolen data from being publicly released. However, Coinbase has refused to pay this ransom. Instead, the company has taken a strong stance by offering a $20 million reward for information that leads to the arrest and conviction of those responsible. Coinbase fired the involved employees immediately and is working closely with law enforcement agencies to catch the criminals behind this attack.

This breach is particularly dangerous because the stolen data is being used to carry out social engineering scams. In these scams, attackers pretend to be Coinbase employees and trick customers into verifying suspicious account activities or sending money to fraudulent addresses. These scams have already caused Coinbase users to lose millions of dollars. A blockchain investigator named ZachXBT reported that Coinbase customers lose over $300 million annually to such scams, with $45 million stolen in just the past week alone. These scams often use fake emails, phone numbers, and case IDs to deceive victims.

Coinbase estimates that the total cost of dealing with this breach-including reimbursing affected customers and improving security-could be between $180 million and $400 million. This financial impact has also affected Coinbase’s stock, which dropped by about 3% in premarket trading after the news broke.

Despite the breach, Coinbase reassured users that their passwords, private keys, and Coinbase Prime accounts remain safe. The company has promised to fully reimburse any customer who loses money due to scams linked to the stolen data. Coinbase is also opening a new support center in the U.S. to improve security and prevent insider threats in the future.

This incident highlights the growing threat of social engineering scams in the crypto world. Coinbase was the most impersonated crypto brand by scammers in 2024, showing how attackers exploit users’ trust to steal funds. The company has faced criticism for not adequately addressing these evolving threats before, but this time it is making a clear commitment to transparency and user protection. Coinbase’s chief security officer stated that the company will pursue the harshest penalties against those involved and will not give in to ransom demands.

As Coinbase works to recover from this big security breach, its $20 million reward offer shows a bold approach to fighting cybercrime. Whether this will lead to catching the criminals remains to be seen, but Coinbase is determined to hold the attackers accountable and protect its customers from future harm.

Was this information useful? Drop a nice comment below. You can also check out other useful contents by following us on X/Twitter @siliconafritech, Instagram @Siliconafricatech, or Facebook @SiliconAfrica.