In a surprising turn of events, Coinbase, one of the world’s largest cryptocurrency exchanges, revealed a major security breach—not through advanced cyber tactics, but via an old-fashioned method: bribery.
Hackers Bribed Coinbase Support Agents in India
Coinbase disclosed that cybercriminals gained unauthorized access to sensitive user data by bribing outsourced customer service agents in India. The stolen data includes:
- Full names
- Home addresses
- Government ID images
- Transaction history
- Account balances
The breach affected less than 1% of Coinbase’s monthly active users, but the consequences are serious. The attackers demanded a $20 million ransom, which Coinbase has refused to pay.
Breach Timeline and Details
According to a filing with the Maine Attorney General, the breach started as early as December 26, 2024. In total, 69,461 customers were impacted, placing them at a higher risk of identity theft or fraud.
Coinbase stated that it:
- Fired all employees involved in the breach
- Notified affected users since December
- Upgraded fraud detection systems
- Is preparing to reimburse customers where necessary
- Will relocate some support operations to more secure environments
DOJ Investigation Underway
Bloomberg reports that the U.S. Department of Justice (DOJ) is now investigating the incident. Coinbase itself is not the target of the investigation, according to Chief Legal Officer Paul Grewal, who confirmed the company voluntarily reported the hack to authorities.
CEO Responds: “We Won’t Pay Your Ransom”
Coinbase CEO Brian Armstrong addressed the situation directly in a video on X (formerly Twitter). Rather than giving in to the hackers’ ransom demand, Coinbase has launched a $20 million bounty program for any information leading to the attackers’ arrest and conviction.
“No, we’re not going to pay your ransom,” Armstrong said firmly.
Stock Reaction and Recovery
Coinbase’s stock (COIN) dropped 7% after the breach was revealed, but has since recovered most of its losses, now sitting about 1% below pre-announcement levels. As of the latest update, COIN is trading at $267.12, up 3.14%.
Expert View: A Process Failure, Not a Tech One
Devin Ryan, Head of Fintech Research at Citizens Financial Group, called the breach “a process issue” rather than a fundamental flaw in Coinbase’s system.
“This is an issue that emanated from employees and also, I think, from a process,” he noted.
