Cryptocurrency exchange Coinbase said Thursday cyber criminals stole customer data and demanded a $20 million payment from the company to not publicly release the sensitive information.
The group of cyber criminals allegedly persuaded a small group of customer support agents overseas to copy data from the company's customer support tools in exchange for cash, Coinbase announced in a blog post Thursday.
The criminals hoped to use the data to contact customers and trick them into handing over their crypto, the exchange alleged.
Coinbase, the country’s largest cryptocurrency exchange, rejected the $20 million ransom.
“Instead of paying this $20 million ransom, we’re turning it around. And we’re putting out a $20 million award for any information leading to the arrest and conviction of these attackers,” Coinbase CEO Brian Armstrong said Thursday in a video posted to the social platform X. “For these would-be extortionists or anyone seeking to harm Coinbase customers, know that we will prosecute you and bring you to justice.”
Less than 1 percent of customer data was stolen, but it included users’ names, addresses, phone numbers, emails, government ID images, and account data. The criminals also received the last four digits of users’ Social Security numbers and masked bank account numbers, but they did not gain access to users’ login credentials or private keys and did not have the ability to move or access funds.
“Attackers still want access to this information because it allows them to conduct social engineering attacks where they can call our customers impersonating Coinbase customer support and try to trick them into sending their funds to the attacker,” Armstrong said.
Customers who were manipulated by the criminals will be reimbursed, and flagged accounts will have additional ID checks on large withdrawals, Coinbase said.
In a filing with the Securities and Exchange Commission, Coinbase estimated the company will have to spend between $180 million and $400 million on remediation costs and voluntary customer reimbursements.