In May 2025, Coinbase, the largest cryptocurrency exchange in the U.S., disclosed a major data breach. Hackers gained access to sensitive customer data by bribing overseas support staff. Although the breach affected fewer than 1% of its 9.7 million monthly active users, the fallout has been significant.
Hackers Demand Ransom; Coinbase Refuses to Pay
The attackers demanded a $20 million ransom and threatened to release the stolen information. Coinbase CEO Brian Armstrong confirmed that the company refused to comply, opting instead to take immediate security and legal action.
Details of the Compromised Data
The information accessed during the breach includes:
-
Full names
-
Postal and email addresses
-
Phone numbers
-
Last four digits of Social Security numbers
-
Masked bank account numbers and banking identifiers
-
Government-issued IDs such as driver’s licenses and passports
-
Account balances and transaction histories
Some internal company documentation was also compromised.
Coinbase’s Response and Remediation Efforts
Coinbase took swift action by terminating the employees involved in the breach. The company notified affected customers and began implementing stronger safeguards. Plans are in place to open a new U.S.-based support center to reduce reliance on overseas staff and strengthen internal security protocols.
Financial Impact and What Comes Next
Coinbase estimates that the data breach will cost between $180 million and $400 million in recovery and customer protection efforts. The incident underscores the ongoing challenges of securing sensitive data in the cryptocurrency industry, particularly as companies like Coinbase continue to expand their global presence and prepare for broader institutional recognition.
