In May 2025, Coinbase, the largest cryptocurrency exchange in the U.S., disclosed a major data breach. Hackers gained access to sensitive customer data by bribing overseas support staff. Although the breach affected fewer than 1% of its 9.7 million monthly active users, the fallout has been significant.
Hackers Demand Ransom; Coinbase Refuses to Pay
The attackers demanded a $20 million ransom and threatened to release the stolen information. Coinbase CEO Brian Armstrong confirmed that the company refused to comply, opting instead to take immediate security and legal action.
Details of the Compromised Data
The information accessed during the breach includes:
Full names
Postal and email addresses
Phone numbers
Last four digits of Social Security numbers
Masked bank account numbers and banking identifiers
Government-issued IDs such as driver’s licenses and passports
Account balances and transaction histories
Some internal company documentation was also compromised.
Coinbase’s Response and Remediation Efforts
Coinbase took swift action by terminating the employees involved in the breach. The company notified affected customers and began implementing stronger safeguards. Plans are in place to open a new U.S.-based support center to reduce reliance on overseas staff and strengthen internal security protocols.
Financial Impact and What Comes Next
Coinbase estimates that the data breach will cost between $180 million and $400 million in recovery and customer protection efforts. The incident underscores the ongoing challenges of securing sensitive data in the cryptocurrency industry, particularly as companies like Coinbase continue to expand their global presence and prepare for broader institutional recognition.
