In This Article:
On May 15, Coinbase CEO Brian Armstrong said on X that the crypto exchange had been targeted in a sophisticated extortion attempt involving insider collusion and customer data theft.
Armstrong said hackers tried to bribe Coinbase’s overseas customer support agents for access to internal tools, eventually coercing “a few bad apples” into leaking sensitive user information.
The stolen data included names, birth dates, email addresses, and home addresses of a small number of customers. While attackers never gained access to passwords, private keys, or wallets, Armstrong warned that the breach was used to launch advanced social engineering scams.
“The attackers' intent was to use the user's personal information clandestinely, and to social engineer unique scams impersonating Coinbase support to victims and persuading them to send their crypto funds,” Armstrong said.
In a direct response to the perpetrators, Armstrong rejected a demand to pay $20 million in Bitcoin to keep the incident quiet. Instead, he announced a $20 million bounty for information that leads to the arrest and conviction of those responsible.
"Now, unfortunately, they were able to find a few bad apples. Our systems are designed to mitigate the impact of something like this, so less than 1% of our monthly transacting users had their records accessed. But this is still unacceptable, and I want to tell you what we're doing about it,” Armstrong said.
“So first, any customers that were socially engineered as a result of this incident, we're going to reimburse them. There's more details on our website, on our blog post about the reimbursement process,” he added.
Coinbase is dealing with the issue in two steps, reiterated Armstrong.
First, Coinbase will fully reimburse targeted customers that lost money from the breach. Second, Coinbase is rebuilding its customer service operations, limiting agent access to user data. Third, some customer support operations will migrate to protected environments to limit the ability to do a wide breach similar to what we saw.