Coinbase estimates $400M cost after data breach and crypto scam

Coinbase is dealing with the fallout of a cyberattack that exposed personal data and triggered a demand for a $20 million ransom. The company says it won’t pay. Instead, it plans to reimburse victims and spend up to $400 million to cover the damage.

The attackers claim they tricked Coinbase employees and contractors into handing over customer data. With that information, they impersonated the company and convinced users to send them crypto.

In a statement, Coinbase said less than 1% of its users were affected. The stolen data includes names, phone numbers, addresses, email addresses, partial Social Security numbers, masked bank account info, ID images, transaction history, and some internal documents.

Importantly, no login details, two-factor authentication codes, or private keys were stolen, and the attackers did not gain access to wallets. The hackers couldn’t touch any customer funds or Coinbase Prime accounts.

Still, the damage was done. After the company disclosed the breach, its stock dropped by over 4%.

The attack came just days before Coinbase was set to join the S&P 500 — a move seen as a sign of how far crypto firms have entered the financial mainstream. But the breach serves as a reminder that the industry remains a frequent target for cybercrime.

Hackers demanded $20 million to keep quiet. Coinbase didn’t pay. It’s now working with law enforcement and has set up a $20 million reward for information that leads to an arrest.

“We will reimburse customers who were tricked into sending funds to the attacker,” the company said. “We’re cooperating closely with law enforcement to pursue the harshest penalties possible.”

Coinbase also moved quickly to tighten internal systems. The company said it’s increasing investments in tools to detect insider threats, run automated responses, and simulate future attacks to test system weaknesses.

Employees who gave away information have been fired.

In a filing with the US Securities and Exchange Commission, Coinbase estimated the cost of the incident could range between $180 million and $400 million. That includes customer reimbursements and costs related to investigation, cleanup, and other possible losses. The final amount may change depending on lawsuits or recovered funds.

A recent report from Chainalysis found that crypto-related thefts totalled $2.2 billion in 2024. As the sector grows, it continues to attract attention from hackers. Many are using more complex methods and targeting staff, not just tech.

“Security remains a challenge for the crypto industry despite its growing mainstream acceptance,” said Nick Jones, founder of crypto firm Zumo. “As our nascent industry grows rapidly, it draws the eye of bad actors, who are becoming increasingly sophisticated in the scope of their attacks.”

Coinbase has warned its users to stay alert. It reminded customers that it will never ask for passwords, 2FA codes, or asset transfers to unfamiliar addresses.

Users were also advised to enable withdrawal allow-listing, use hardware-based 2FA, and lock their accounts through the app if something feels suspicious.

“To the customers affected, we’re sorry for the worry and inconvenience this incident caused,” Coinbase said. “We’ll keep owning issues when they arise.”
