logo

Coinbase breach: attackers demand $20M ransom

By: bitcoin ethereum news|2025/05/15 22:45:17
0
Share
copy
Attackers bribed support staff to access internal tools. $20M ransom demand redirected into reward fund. New protections live ahead of S&P 500 entry. Coinbase has disclosed a targeted cyberattack involving bribed overseas contractors, resulting in a significant data breach that impacted less than 1% of its monthly active users. While no funds, passwords, or private keys were exposed, the attackers accessed internal systems and extracted sensitive customer information. The incident highlights growing concerns over insider threats in centralised crypto platforms and comes at a crucial moment, with Coinbase preparing for its inclusion in the S&P 500 index. The company has launched new user protections and is expecting up to $400 million in related expenses. Bribed contractors enabled access The breach occurred through a coordinated social engineering effort in which a group of overseas contractors were bribed to grant attackers access to internal tools. Although Coinbase did not specify the country involved, it confirmed that Coinbase Prime accounts used by institutions were not affected. Attackers obtained partial bank information, addresses, phone numbers, and masked Social Security digits, aiming to impersonate the platform and extract further assets through phishing. Coinbase warned that the information was intended to target users in follow-up scams by posing as legitimate support agents. $20M ransom rejected After the breach was discovered, the attackers demanded a $20 million payment to stay silent. Coinbase rejected the demand and instead diverted the amount into a reward fund to help track down those responsible. The company is now offering up to $20 million for information leading to the arrest and conviction of the attackers. Coinbase has also engaged blockchain analytics firms to flag addresses connected to the attackers, freeze potential stolen assets, and monitor the flow of funds. Law enforcement agencies in the US and abroad have been alerted to pursue criminal charges. New protections deployed To limit future attacks and mitigate risks from the breach, Coinbase has implemented several new security protocols. These include additional ID verification during withdrawals, real-time scam alerts, and enhanced scrutiny for accounts flagged as high risk. A new customer support hub has been launched in the US to reduce third-party outsourcing. Internally, Coinbase has strengthened its insider threat detection and now runs continuous red-team testing. It has pledged to make impacted customers “whole” if any further scams succeed using the stolen data, and is reviewing potential indemnification claims. S&P 500 listing under spotlight The disclosure comes just days before Coinbase’s entry into the S&P 500, making it the first crypto-native company to achieve the distinction. With estimated costs from the breach ranging between $180 million and $400 million, analysts expect scrutiny to rise over the exchange’s security infrastructure and operational resilience. Coinbase said a full assessment of losses, legal claims, and potential recoveries is underway, but the incident underscores the challenges centralised exchanges face in guarding user data against both external and internal threats. Source: https://coinjournal.net/news/coinbase-breach-attackers-demand-20m-ransom/

You may also like

Fluxor: Connecting Global Builders With the WEEX AI Trading Hackathon

A hackathon platform connecting builders and creators to collaborative opportunities and innovation in Web3, enabling AI-oriented developers to experiment and create at scale.

The growth of AI-driven tools and community collaboration in Web3 has created new opportunities for developers worldwide. As a community partner and sponsor of the WEEX AI Trading Hackathon, Fluxor's mission to unify hackathon experiences and foster creative partnerships aligns with this spirit of collective innovation.

Apello: Automating Web3 Community Management and Partnering with the WEEX AI Trading Hackathon

A community toolkit enabling builders to streamline engagement and participation as Web3 ecosystems evolve with AI and decentralized innovation. As a community partner and sponsor of the WEEX AI Trading Hackathon, Apello reflects the growing fusion of community-driven participation and technical creativity in the Web3 space. The platform's commitment to empowering community interaction and meaningful engagement aligns with this shared vision of innovation.

RootData: Delivering Structured Web3 Intelligence and Sparking the WEEX AI Trading Hackathon

A Web3 data platform enabling investors and builders to uncover market insights and informed decision-making in AI-powered trading.

As a community partner and sponsor of the WEEX AI Trading Hackathonm RootData has a shared focus on transparency, data integrity, and insight-driven innovation across AI trading and market research.

Firecrew: Elevating Trader Skill and Amplifying the WEEX AI Trading Hackathon

A trading education and community platform helping individuals build disciplined strategies and risk control that pair with AI-driven innovation.

CrazyLiveDAO: Building an AI Trading Education DAO in Step with the WEEX AI Trading Hackathon

A Solana-based DAO and membership community combining AI agents, live trading education, and Web3 tools for global Chinese investors.

Mome: Blending AI, Memes, and Creator-First Tokens, and Driving the WEEX AI Trading Hackathon

An AI-driven BNB Chain platform that lets creators launch meme tokens powered by viral video content and community ownership.

Popular coins

Latest Crypto News

09:42

Data: Brother Ma Ji's ETH long position has been completely liquidated again, with a total loss exceeding 30.35 million USD

According to Onchain Lens monitoring, Machi Big Brother's (@machibigbrother) ETH 25x leveraged long position was completely liquidated again, shortly after which he opened a new ETH 25x leveraged long position.Currently, his wallet balance is only $32,000, and the total loss has exceeded $30.35 mill...
09:42

Fidelity calls on the U.S. SEC to establish a new framework allowing brokers to trade crypto assets through ATS

Fidelity, in a letter to the SEC, suggested establishing a regulatory framework that allows broker-dealers to trade crypto assets through alternative trading systems (ATS).The proposal aims to promote the inclusion of crypto asset trading into the existing financial system, enhancing market complian...
09:42

An executive from the Bank for International Settlements who is skeptical about stablecoins will become the governor of the Bank of Korea

South Korean President Lee Jae-myung nominated Shin Hung-song, the head of the Monetary and Economic Department of the Bank for International Settlements (BIS), to serve as the governor of the Bank of Korea. Shin Hung-song stated last year that the issuance of a Korean won stablecoin is "an effectiv...
09:42

Analysis: Ethereum is at a critical moment of success or failure in a high-risk balancing strategy

According to CoinDesk analysis, as the pressures from scalability challenges, quantum technology, and artificial intelligence continue to grow, Ethereum is at a critical juncture in high-risk balancing strategies. In the first three months of 2026, the Ethereum ecosystem faces multiple structural pr...
09:42

Data: Sky Alliance has opened a 20x leveraged long position in gold and is gradually closing its SP500 short position

According to Onchain Lens monitoring, Sky founder Rune (@RuneKek) opened a new long position in gold during the decline in gold prices, with a leverage of 20 times. Meanwhile, Rune is closing his SP500 short position and currently still holds TWAP buy and sell orders.
Read more
Community
iconiconiconiconiconiconicon

Customer Support Bot@WEEX_support_smart_Bot

VIP Servicessupport@weex.com