Inside job at Coinbase leads to massive data breach, $20 million ransom demanded

[Skye Jacobs]

What just happened? As the crypto industry continues to evolve and attract mainstream attention, the latest incident at Coinbase highlights the ongoing risks and the urgent need for stronger security measures. The company's response – refusing to pay ransom, cooperating with authorities, and compensating affected customers – may set a precedent for how major players in the sector handle such crises going forward.

Coinbase, the largest cryptocurrency exchange in the United States, is facing significant fallout after disclosing a major cyberattack that compromised sensitive data from some of its customers. The company revealed in a regulatory filing that the breach could cost between $180 million and $400 million, marking one of its most substantial security incidents.

The breach came to light after Coinbase received an email on May 11 from an unidentified hacker who claimed to possess confidential information about certain customer accounts and internal company documents. While the attackers could access names, addresses, emails, masked bank account numbers, and partial Social Security numbers, Coinbase emphasized that no passwords, private keys, or direct access to customer funds were obtained.

According to Coinbase, the attack was orchestrated through a network of overseas contractors and support employees who were bribed to hand over customer data. The company responded by terminating all individuals involved and notifying customers whose information may have been exposed.

Coinbase refused to pay the $20 million ransom demanded by the attackers. Instead, the company is working closely with law enforcement and has set up a $20 million reward fund for information leading to the arrest and conviction of those responsible. It has also enhanced its fraud monitoring systems to bolster security.

Coinbase has also pledged to reimburse any customers deceived into transferring funds to the hackers as a result of the breach.

The incident comes at a pivotal moment for Coinbase, which is preparing to join the S&P 500 index – a significant milestone for the crypto industry. However, the timing of the breach has cast a shadow over what was expected to be a celebratory event for the company and the broader sector.

Coinbase's security woes are not isolated. The cryptocurrency industry as a whole continues to grapple with persistent threats from increasingly sophisticated cybercriminals. In 2024 alone, losses from hacks targeting blockchain platforms have exceeded $2.2 billion, according to a report from Chainalysis. Earlier this year, Bybit, another major exchange, was robbed of $1.5 billion in what has been described as the largest crypto heist to date.

The breach may also attract attention from regulators. The US Securities and Exchange Commission is examining whether Coinbase misrepresented its user numbers in past disclosures, four people familiar with the situation told the New York Times. Coinbase has denied any active investigation.

Permalink to story:

Inside job at Coinbase leads to massive data breach, $20 million ransom demanded

 

[VaRmeNsI]

Coinbase refused to pay the $20 million ransom demanded by the attackers. Instead, the company is working closely with law enforcement and has set up a $20 million reward fund for information leading to the arrest and conviction of those responsible.

I like this approach but I think they should also allow one of the hackers, if more than one, to rat on the others to get the $20m with immunity.

 

[gdavid65]

And this is why nearly every single company that sends their data processing offshore for "support" should never be trusted.. which is nearly all of them!

Sure, they all say "all of our partners are bound by upmost security protocols", but really, when you're in the 3rd world, slipping a few data files out the back door can make you extremely rich. A few thousand dollars of $USD can be worth about 10x that in those countries.

People are uploading passports, drivers licenses, financial details, and the full details of nearly every aspect of their life, and they all get sent off to the 3rd world so some corporation can save a few bucks. If it get leaks, oh well, too bad for the customer. The corporation gets a bit of a slap on the wrist, but who cares right... they saved $xxx million by outsourcing it in the first place.

 

[VitalyT]

Coinbase refused to pay the $20 million ransom demanded by the attackers. Instead, the company is working closely with law enforcement and has set up a $20 million reward fund for information leading to the arrest and conviction of those responsible

...so one of them rolls on the rest, and get paid in full, LOL.

 

[BuckarooBonzaii]

As long as criminals are attracted to crypto, there is no true security. One of the easiest way to bypass any security is to have an insider.

 

[AlexIL]

When a worker gets paid in bananas and CEO in millions of dollars you can't seriously expect any kind of loyalty. If you talk about decency, worker with bananas more decent than CEO that pays bananas. What do they expect. Laughable.

 

[brucek]

When a worker gets paid in bananas and CEO in millions of dollars you can't seriously expect any kind of loyalty. If you talk about decency, worker with bananas more decent than CEO that pays bananas. What do they expect. Laughable.

The vast majority of the world makes less than millions of dollars, and yes their jurisdictions expect them all to stay within the law or face the consequences accordingly. But I'd love to see any of these perpetrators trying using this defense at their trial. I also seriously doubt getting paid any reasonable amount more would have made any difference. If you're the type of character is that OK committing a serious crime for $20 million dollars, you're not basing your decisions on your hourly wage. We've seen similar capers from well-paid insiders in the US too.