“Coinbase Exchange Suffers $400 Million Data Leak Disaster”

17 May, 2025

Coinbase Suffers $400 Million Loss Due to Data Leak

On May 15, digital currency exchange Coinbase revealed that hackers bribed a group of its employees to steal user information for digital currency theft, followed by an extortion attempt to keep the incident under wraps.

In an official blog post, San Francisco, California-based Coinbase disclosed that hackers had bribed a group of its overseas customer support employees to engage in insider threats, stealing user data from the platform, and conducting non-technical attacks.

A “non-technical attack” is a term used in the hacker community to describe the manipulation of human psychology to gain sensitive information, system access, and digital assets.

The hackers exploited their access to the customer support system to compromise the accounts of a small number of users.

According to Coinbase, the stolen information included phone numbers, email addresses, and partial social security numbers of approximately 1% of its monthly active users.

The hackers aimed to build a list of users to impersonate Coinbase and trick victims into surrendering their digital currencies.

Coinbase received an anonymous email on May 11, disclosing the leaked internal information and demanding a $20 million ransom to keep the information confidential.

Coinbase rejected the demand and proactively notified US regulatory agencies, planning to allocate between $180 million and $400 million for victim compensation and remediation.

The exchange has offered a $20 million bounty for information leading to the arrest and conviction of the perpetrators. Coinbase has terminated the employees involved in the data leak and strengthened its fraud monitoring systems.

Thuy Lien

– 1:18 PM, May 16, 2025