Coinbase Hack: Exchange Suffers Cyberattack, Promises Reimbursement

Coinbase has fallen victim to a cyberattack, becoming the latest casualty in the growing crypto hacks. In an unusually targeted attack, the criminals allegedly bribed and recruited rogue overseas support agents to gain access to users’ personal data. Both Coinbase and its CEO, Brian Armstrong, issued statements outlining the impact and the countermeasures on Thursday morning.

The company claims that no sensitive data was breached, but the crypto exchange has pledged to reimburse any affected customers. In addition, the platform has launched a $20 million reward fund to track down the perpetrators.

Coinbase Cyberattack: Criminals Target User Data

Coinbase revealed the cyberattack on social media and shared that hackers targeted the personal data of Most Trusted Users (MTU). “No passwords, private keys, or funds were exposed. Prime accounts are untouched,” Coinbase wrote on X.

The hackers allegedly sent an email to the exchange, demanding a ransom to keep the stolen data under wraps. In response to the threat, CEO Brian Armstrong shared a video post, firmly stating, “No, we are not going to pay your ransom.”

Details of Data Breach

Elaborating on the hackers’ attempt to steal users’ personal information, Brian Armstrong stated that less than 1% of the users’ personal data is likely to have been compromised.

Though they bribed customer support agents overseas, they failed to steal sensitive data, claims Coinbase. Instead, they gained access to personal information, including customers’ names, addresses, and other contact details. Brian suspected that the hackers could impersonate Coinbase executives to its users using the customer data gathered from the cyberattack.

In addition, they got access to the last four digits of Masked Social Security numbers, Masked bank‑account numbers, and some bank account identifiers, identity proofs, account data, and more.

At the same time, they failed to steal sensitive information, including Login credentials, private keys, customer funds, and prime account details. They were also blocked from accessing customers’ hot and cold wallets.

Notably, this development follows Telegram’s recent crackdown on Haowang Guarantee, a major darknet marketplace. This highlights the growing need for solid security measures and regulations amid the increasing crypto hacks.

Coinbase Promises Reimbursement and Enhanced Security

Addressing the crypto exchange hack, the crypto exchange has promised to reimburse the affected users. Coinbase cyberattack victims can claim reimbursement if they were tricked into sending funds to the attackers due to social engineering attacks. To further safeguard customers, flagged accounts will now require additional ID checks on large withdrawals and include mandatory scam-awareness prompts.

Moreover, the platform has opened a new support hub in the US, implementing stronger security controls and monitoring across all locations. As the company has initiated investigations into the crime, customers will be provided with regular updates on the matter.

Last year, one of the largest crypto exchanges in India, WazirX, also faced a similar cyberattack where hackers stole a staggering $230 million on July 18, 2024. The attack had forced the exchange to halt operations and freeze the user funds, a resolution to which is still awaited.