.png){kind=logo}
Leading cryptocurrency exchange Coinbase has confirmed a cyberattack that targeted its user base. The platform claimed that no sensitive financial information or funds were compromised. It has pledged full reimbursement for affected customers. Coinbase also strongly denied paying any ransom demanded by the attackers.
Coinbase CEO Brian Armstrong addressed the incident in a video statement. He declared, “No, we are not going to pay your ransom”. Armstrong’s stance comes amid growing concerns over social engineering tactics and insider help used in this breach.
The attackers reportedly bribed offshore customer support agents to gain internal access, which they then used to collect users’ names, addresses, and limited masked financial identifiers. While Coinbase states that less than 1% of users were affected, the data compromised could still be used for impersonation and phishing attacks.
According to Coinbase, no login credentials, private keys, or funds were accessed. Prime account holders and custodial wallets remain secure. However, the stolen data includes:
Customer names and physical addresses
Last four digits of masked Social Security Numbers
Masked bank account numbers
Partial identity and account information
Coinbase confirmed that hot and cold wallets were not breached.
Also Read: Social Engineering Attacks: How to Protect Your Business
Coinbase has launched a $20 million reward fund to counter the fallout to identify and bring the perpetrators to justice. The platform also announced a reimbursement policy for users who were tricked into transferring funds during the hack.
In a bid to boost customer safety, Coinbase has put in extra safety requirements:
Additional ID verification for flagged accounts
Scam-awareness prompts before high-value withdrawals
A new US-based support hub for secure, centralized service
The company has also improved real-time monitoring across all global locations.
This cyberattack arrives shortly after Telegram's crackdown on Haowang Guarantee. It is a darknet marketplace known for facilitating illegal crypto transactions. It underscores the rising wave of cyberattacks targeting major crypto exchanges. For instance, last year’s WazirX hack led to a $230 million loss and ongoing operational freezes.
Coinbase’s quick acknowledgment, refusal to pay ransom, and reimbursement offer signal a proactive response. However, with personal data exposed, user trust and regulatory scrutiny may intensify. Investigations continue for now. To prevent future breaches, the industry will likely see tightened compliance requirements and stronger access controls.
Also Read:Crypto Prices Today: Bitcoin Price Holds Above $103K, ETH Dips 0.81%
