Coinbase refuses $20M ransom after support agent data breach

Coinbase, the world’s third-largest cryptocurrency exchange, was hit by a $20 million extortion attempt after cybercriminals recruited overseas support agents to leak user data, the company said.

According to a May 15 blog post, Coinbase said a group of external actors bribed and coordinated with several customer support contractors to access internal systems and steal limited user account data.

“These insiders abused their access to customer support systems to steal the account data for a small subset of customers,” Coinbase said, adding that no passwords, private keys, funds or Coinbase Prime accounts were affected.

Less than 1% of Coinbase’s monthly transacting users’ data was affected by the attack, the company said.

After stealing the data, the attackers attempted to extort $20 million from Coinbase in exchange for not disclosing the breach. Coinbase refused the demand.

Related: Ukraine strategic Bitcoin reserve bill reportedly in final stages

Instead, the company announced it was offering a $20 million reward for information leading to the arrest and conviction of those responsible for the scheme.

Scammers often masquerade as recognizable brands to inspire a false sense of trust in their victims.

In 2024, Coinbase was the most impersonated cryptocurrency brand by scammers.

This is a developing story, and further information will be added as it becomes available.

Related: Top South Korean presidential hopefuls support legalizing Bitcoin ETFs