In a shocking breach of trust, leading cryptocurrency platform Coinbase has revealed that some of its internal support team members were bribed by cybercriminals, resulting in a major data leak impacting nearly 70,000 users.
According to the company, the attackers gained access to sensitive customer information, including full names, addresses, phone numbers, email IDs, partially masked bank account details, and government-issued ID images. While login credentials, two-factor authentication codes, and private crypto keys remain safe, the breach has led to a significant compromise of user privacy.
The attackers reportedly used the stolen data to trick several Coinbase users into transferring funds. They also demanded a ransom of $20 million from the company, threatening to leak the stolen information publicly. However, Coinbase has refused to comply with the extortion demands and is actively working with law enforcement agencies to track down the perpetrators.
In a bold move, Coinbase has announced a $20 million reward for any information that could help identify and bring the remaining attackers to justice. The company also confirmed it would reimburse affected users who were defrauded and is implementing additional security measures to protect vulnerable accounts.
The breach, which took place between December 26, 2024, and May 11, 2025, is estimated to cost the firm between $180 million and $400 million. The incident underscores the increasing complexity of cybersecurity threats in the digital asset industry, where even internal trust can be exploited.
Source: Engadget
