Cybercriminals Hack Coinbase to Steal Customer Data

Coinbase, one of the world’s largest cryptocurrency exchanges, has confirmed a major data breach impacting approximately 1% of its customer base. The stolen data includes personal information such as masked Social Security numbers, bank account details, and images of government-issued IDs uploaded by users.

Hackers also accessed internal company data and information about customers’ crypto balances. According to Coinbase, the breach was made possible through collusion with several overseas customer support agents, who were bribed to provide sensitive user data.

All involved employees have been identified and terminated, and legal action is now underway. The attackers reportedly attempted to use the stolen data to impersonate Coinbase and trick victims into transferring their cryptocurrency. They even demanded $20 million in Bitcoin to prevent the data from being leaked — a demand Coinbase refused to meet. Instead, the company is offering the full $20 million reward for information leading to the arrest of the perpetrators.

Some users have already fallen victim and transferred funds to the attackers. Coinbase has pledged to reimburse these customers, stating they were deceived. In response to the breach, the platform has introduced enhanced security measures, including stricter identity verification for large withdrawals, and has relocated its support operations to the U.S.

The company has also stepped up investments in internal threat detection systems and notified all affected users directly.

This incident is not an isolated case. Earlier in 2025, Bybit suffered a $1.4 billion Ethereum theft, and in 2024, WazirX lost around $230 million in crypto. Overall, over $2.2 billion worth of digital assets were stolen globally in 2024 alone — raising serious concerns about the security of crypto platforms and slowing institutional and governmental adoption of cryptocurrencies.