Coinbase CEO Brian Armstrong has publicly addressed a latest cyberattack that focused the corporate’s buyer knowledge by means of insider collusion and led to a $20 million in Bitcoin ransom demand.
In a video assertion shared on X, Armstrong confirmed that Coinbase had obtained a threatening e-mail from cybercriminals claiming to own delicate buyer info and demanding fee in Bitcoin to maintain it personal.
https://t.co/evpIBMFvRW pic.twitter.com/f6UPdkL5R0
— Brian Armstrong (@brian_armstrong) Might 15, 2025
Armstrong rejected the demand outright and said that the change wouldn’t comply. As a substitute, the corporate is providing a $20 million reward for info that leads to the identification, arrest and conviction of these liable for the assault.
What occurred?
In keeping with Coinbase, the breach originated from a bunch of abroad buyer assist brokers who had been bribed and recruited by the attackers. These rogue insiders abused restricted entry privileges to acquire private buyer knowledge comparable to names, dates of start and addresses.
Though passwords, personal keys and funds weren’t compromised, the data accessed was used to launch social engineering assaults geared toward tricking prospects into transferring funds to the attackers.
The corporate reported that lower than 1% of its month-to-month transacting customers had been affected. Coinbase acknowledged the breach as unacceptable.
As a part of its response, the main U.S. change is relocating a few of its buyer assist operations and implementing extra safety measures to strengthen protections round buyer knowledge.
The change additionally confirmed it’s going to absolutely reimburse any prospects who had been deceived into sending funds because of the assault. Particulars of the reimbursement course of can be found on the corporate’s web site.
