The biggest cryptocurrency exchange in the US forecast that a cyber-attack that breached account data of a “small subset” of its customers would cost it between $180m and $400m. Coinbase said that price tag would not include the $20m ransom demanded by the hackers, which the company refused to pay.
Coinbase, which sees the largest volume of cryptocurrency trades in the US, said that while the attackers stole some data including names, addresses and emails, they did not get access to login credentials or passwords. It will, however, reimburse the customers who were tricked into sending funds to the attackers.
The hackers had paid multiple contractors and employees working in support roles outside the US to collect information from internal systems. Coinbase immediately fired the employees involved, it said.
It also declined to pay the ransom demand of $20m and is working with law enforcement agencies. It has instead established a $20m reward for information on the attackers.
“Instead of funding criminal activity, we have investigated the incident, reinforced our controls, and will reimburse customers impacted by this incident,” the company said in a blogpost.
The company said it received an email from an unknown threat actor on 11 May, claiming to have information about certain customer accounts as well as internal documents. The disclosure comes days before Coinbase is set to join the benchmark S&P 500 index, marking a landmark moment for the crypto industry.
Security remains a challenge for the crypto industry. In February, Bybit, the world’s second-largest cryptocurrency exchange by trading volume, disclosed that attackers had stolen digital tokens worth about $1.5bn, which many called the biggest crypto heist of all time.
Funds stolen by hacking crypto platforms totaled $2.2bn in 2024, according to a report from blockchain analysis firm Chainalysis, the fourth straight year in which such hacks have topped $1bn.