America's largest Crypto exchange Coinbase hacked; threatening to leak customer data, hackers demand $20 million in Bitcoin

Coinbase , the largest US crypto exchange, has said that it has been hit by a cyber attack that breached account data of a “small subset” of its customers. The company has also confirmed that a group of rogue overseas customer support agents, bribed by hackers, were involved in a targeted data breach aimed at extorting the company and deceiving customers.

According to a video posted by company co-founder and CEO Brian Armstrong, the attackers demanded a $20 million ransom, which Coinbase has refused to pay. Instead, the company is offering a $20 million reward for information leading to the arrest and conviction of those responsible.


Coinbase says support agents helped hackers
According to Coinbase, hackers paid off a small group of outsourced support agents to access and steal data from internal customer support systems. The breach affected less than 1% of monthly transacting users, it added.

Coinbase says that while no login credentials, 2FA codes, private keys, or customer funds were compromised directly, some customers were misled into voluntarily sending crypto to attackers. The CEO has warned that the attackers may use the stolen data in an attempt to carry out social engineering attacks, impersonating Coinbase to trick users into transferring funds.

What data hackers have stolen
The affected data includes

• Names, addresses, phone numbers, and emails
• Masked Social Security numbers (last 4 digits)
• Masked bank account numbers and some identifiers
• Government ID images (e.g., driver's licenses, passports)
• Account balances and transaction history
• Limited internal documents and communications
• Coinbase Prime and wallet infrastructure (hot/cold wallets) were not impacted.

Coinbase also said it expects to incur costs of apprximately $180 million to $400 million in incident remediation and customer reimbursements.