Major crypto exchange Coinbase has issued an urgent alert to its users following a targeted security incident, publicly detailing an extortion attempt against it and its customers in a recent official blog post.
Coinbase disclosed that cybercriminals bribed and recruited a group of rogue overseas support agents to steal Coinbase customer data to facilitate social engineering attacks. These bad actors used cash offers to convince a small group of insiders to copy data in the Coinbase customer support tools for less than 1% of Coinbase's monthly transacting users.

Cyber criminals bribed and recruited rogue overseas support agents to pull personal data on 1% of Coinbase MTUs. No passwords, private keys, or funds were exposed. Prime accounts are untouched. We will reimburse impacted customers. More here: https://t.co/SidVn59JCV

— Coinbase 🛡️ (@coinbase) May 15, 2025

They aimed to compile a customer list they could contact while pretending to be Coinbase and tricking individuals into handing over their crypto. They then attempted to extort Coinbase for $20 million to cover this up, but it declined.

HOT Stories Breaking: Coinbase CEO Reacts to $20 Million Bitcoin Ransom and Customer Data Attack Coinbase Issues Urgent Notice for Crypto Users: Details US Government Not Selling Bitcoin: White House's Bo Hines 'Ridiculous': Peter Schiff Reveals What's Actually Worse Than Bitcoin

You Might Also Like
Mon, 05/12/2025 - 13:27 Coinbase CEO Unveils 10-Year Crypto Roadmap ByTomiwabold Olajide

While a small subset of customers, less than 1% of Coinbase MTU, were affected, no passwords, private keys or funds were exposed, and Coinbase Prime accounts remain untouched. Coinbase stated it will reimburse customers tricked into sending funds to the attacker while cooperating closely with law enforcement to pursue the harshest penalties possible but will not pay the $20 million ransom demand.

Coinbase is establishing a $20 million reward fund for information that leads to the arrest and conviction of those responsible for the attack. Impact notices have been sent to affected users, and the community will be updated as the investigation progresses.

Urgent warning issued

Coinbase warned its users that imposters or scammers, whether related to the breach or not, may pose as Coinbase employees and try to pressure them into moving their funds.

Users should be aware that Coinbase will never request passwords, 2FA codes or asset transfers to a specific or new address, account, vault or wallet. It will never phone or text consumers to provide them with a new seed phrase or wallet address to transfer coins to. If they receive a call along these lines, they should not respond; Coinbase will never request that they contact an unknown number to reach it.

Coinbase outlined a few best practices, which include enabling withdrawal allow-listing, using strong 2FA with hardware keys and exercising caution before taking action.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。