- Coinbase could face up to $400 million in losses after a cyberattack exposed customer data, but login credentials were not compromised.
- The exchange refused a $20 million ransom and instead offered a $20 million reward for information on the attackers.
- Multiple contractors and employees outside the U.S. were reportedly paid to leak data, prompting Coinbase to tighten internal security measures.
Coinbase is bracing for a financial blow of $180 million to $400 million after a cyberattack exposed data from a “small subset” of its customers. The breach, disclosed on Thursday, sent Coinbase shares sliding nearly 3%. The hackers reportedly accessed names, addresses, and emails but did not obtain login credentials or passwords. The exchange has pledged to reimburse customers tricked into sending funds to the attackers.
Employee Involvement and Internal Security Risks
According to Coinbase, the hackers paid multiple contractors and employees in support roles outside the U.S. to gather sensitive information. Those involved have since been fired, but the incident raises concerns about insider threats and employee vetting in the crypto sector. “This may push the industry to adopt stricter employee vetting and introduce some reputational risks,” said Bo Pei, an analyst at U.S. Tiger Securities.
No Ransom, No Compliance – Coinbase Takes a Stand
Despite receiving a $20 million ransom demand, Coinbase refused to comply. Instead, it set up a $20 million reward for information leading to the identification of the attackers. Meanwhile, the company is ramping up security measures, including launching a new support hub in the U.S., as it prepares to join the S&P 500 index – a major milestone for the crypto industry.
Crypto Hacks on the Rise – A Growing Threat
The Coinbase breach is the latest in a string of crypto hacks targeting major exchanges. In February, Bybit suffered a $1.5 billion theft, marking the largest crypto heist to date. According to Chainalysis, the total value of crypto assets stolen by hackers reached $2.2 billion in 2024 alone. “As our nascent industry grows rapidly, it draws the eye of bad actors who are becoming increasingly sophisticated,” said Nick Jones, founder of crypto firm Zumo.
