Crypto Hackers BRIBED Employees!

Coinbase has suffered a major data breach affecting nearly one million users, after hackers bribed overseas employees to extract sensitive customer information—and then demanded a $20 million ransom.

At a Glance

Hackers accessed internal Coinbase systems via bribed overseas support agents

Stolen data includes names, addresses, SSN fragments, and account details—but no passwords or crypto assets

Coinbase refused the hackers’ $20 million ransom demand

The company is offering the same amount as a bounty for leads on the attackers

Estimated breach-related costs could reach up to $400 million

Breach by Bribery

In what may become one of the most sophisticated insider-enabled hacks in crypto history, Coinbase confirmed that hackers stole personal data belonging to roughly one million customers. The attackers infiltrated the company’s systems by bribing multiple overseas support contractors, using their access privileges to extract internal data over several months.

The stolen trove includes masked bank details, trading history, ID documents, and partial Social Security numbers. However, logins and actual cryptocurrency holdings remained untouched—at least directly. The real danger now lies in follow-on social engineering attacks, as the exposed data could be weaponized to trick customers into revealing wallet credentials or initiating unauthorized transfers.

Watch a report: Coinbase breach explained: What was stolen and how.

A Defiant Response

Rather than pay the demanded $20 million ransom, Coinbase CEO Brian Armstrong doubled down. “We’re cooperating closely with law enforcement to pursue the harshest penalties possible,” the company said in a statement, adding that the entire ransom amount will instead be offered as a reward for information leading to the attackers’ arrest.

To reassure users, Coinbase has issued direct alerts to affected individuals and emphasized its security protocols, including reminders that it will never ask for credentials, passwords, or seed phrases via email or phone.

Coinbase also pledged to reimburse any customers who were duped into transferring funds as a result of the breach.

Fallout and Future Safeguards

The breach is projected to cost Coinbase between $180 million and $400 million in remediation, including customer reimbursements, internal audits, and revamped security measures. To prevent similar attacks, the company is planning to build a new domestic support hub to reduce reliance on external contractors.

While fewer than 1% of its nearly 10 million active users were impacted, the breach raises serious concerns about insider threats and the security of financial platforms built on decentralized technologies. Armstrong reaffirmed his ambition for Coinbase to remain “the No. 1 financial services app in the world,” but the path to that future now runs through a gauntlet of trust rebuilding and systemic overhauls.

For a platform built on transparency and blockchain integrity, Coinbase now faces a test not just of its code, but of its corporate resilience.