Coinbase Customer Data Breach via Support
- Centralized Exchange
- ZachXBT
Coinbase disclosed a major customer data breach in which cybercriminals bribed and recruited a group of rogue overseas customer support agents to steal Coinbase customer information from internal support systems. The stolen information included names, contact details, partial Social Security numbers, masked bank info, government ID images, and account history — but no passwords, private keys, or direct access to funds. Coinbase received a $20 million ransom demand from the attackers, which it refused; instead it offered a $20 million reward for information leading to the attackers’ arrest and vowed to reimburse affected customers. ZachXBT has tracked related cases with massive individual thefts ($2M–$6M+ per scammer/group).
Incident Details
- Type
- CUSTODY FAILURE
- Funds Lost
- Unknown
- Status
- Ongoing
Coinbase refused the $20M ransom demand. Instead offers $20m for information leading to arrests.