Coinbase CEO Brian Armstrong has publicly addressed a latest cyberattack that focused the corporate’s buyer information via insider collusion and led to a $20 million in Bitcoin ransom demand.
In a video assertion shared on X, Armstrong confirmed that Coinbase had obtained a threatening electronic mail from cybercriminals claiming to own delicate buyer info and demanding cost in Bitcoin to maintain it non-public.
https://t.co/evpIBMFvRW pic.twitter.com/f6UPdkL5R0
— Brian Armstrong (@brian_armstrong) Could 15, 2025
Armstrong rejected the demand outright and acknowledged that the trade wouldn’t comply. As an alternative, the corporate is providing a $20 million reward for info that ends in the identification, arrest and conviction of these chargeable for the assault.
What occurred?
In line with Coinbase, the breach originated from a bunch of abroad buyer assist brokers who had been bribed and recruited by the attackers. These rogue insiders abused restricted entry privileges to acquire private buyer information comparable to names, dates of delivery and addresses.
Though passwords, non-public keys and funds weren’t compromised, the knowledge accessed was used to launch social engineering assaults aimed toward tricking prospects into transferring funds to the attackers.
The corporate reported that lower than 1% of its month-to-month transacting customers had been affected. Coinbase acknowledged the breach as unacceptable.
As a part of its response, the main U.S. trade is relocating a few of its buyer assist operations and implementing further safety measures to strengthen protections round buyer information.
The trade additionally confirmed it’ll absolutely reimburse any prospects who had been deceived into sending funds on account of the assault. Particulars of the reimbursement course of can be found on the corporate’s web site.