Coinbase received an extortionary email asking for $20 million in ransom from hackers who said they had obtained private user data.
The cryptocurrency exchange platform said a May 11 message demanded the money in return for not publicly disclosing information that was obtained through Coinbase employees.
In a press release, Coinbase said "cyber criminals bribed and recruited" "rogue overseas support agents" to steal customer data in order to facilitate social engineering attacks.
Coinbase described the intrusion as only affecting a small subset of customers (less than 1%). However, this could still account for more than 1 million app users, given 2024 estimates that the company had ballooned to 105 million users, according to Business of Apps.
Cyber criminals bribed and recruited rogue overseas support agents to pull personal data on <1% of Coinbase MTUs. No passwords, private keys, or funds were exposed. Prime accounts are untouched. We will reimburse impacted customers. More here: https://t.co/SidVn59JCV
— Coinbase 🛡️ (@coinbase) May 15, 2025
