Cryptocurrency company Coinbase has confirmed it suffered a cyberattack on May 11, and is expecting to incur around $180 million to $400 million relating to the incident, including customer reimbursement.
The attack saw the criminals gain access to sensitive customer data, including government-issue documents such as passports, driver’s licenses and the last four digits of customers’ Social Security numbers. The attackers are reportedly asking for $20 million to not release the data.
As cyberattacks and data breaches becoming increasingly more common, security should remain a top priority for US businesses.
Cryptocurrency Company Coinbase Suffers Data Breach
Leading crypto company Coinbase has reportedly suffered a data breach that has put sensitive customer data at risk. Data includes government-issued identity documents, including passports, driver’s licenses and the last four digits of Social Security numbers.
According to the company, a bad faith actor had informed it on May 11 that they had access to customer information from Coinbase accounts, and demanded payment in exchange for not publishing the data.
This just in! View
the top business tech deals for 2025 👨💻
The person or group supposedly gained access by paying multiple contractors and employees working in support roles outside the US, who had access to the information to perform their own jobs.
CEO Brian Armstrong confirmed the ransom payment to be $20 million. However, Coinbase confirmed it doesn’t intend to pay, and are instead offering a $20 million reward for any information on the breach.
Sensitive Customer Information Up for Grabs Following Breach
Stolen data includes customer names, postal and email addresses, phone numbers, and the last four-digits of users’ Social Security numbers. Also stolen were masked bank account numbers and some banking identifiers, as well as account balance data and transaction histories.
The company have confirmed that the cyber criminals did not gain access to login credentials or passwords.
Coinbase spokesperson Natasha LaBranche told TechCrunch that the number of those affected is less than 1% of the platform’s customers. However, the company have confirmed in a blog post that they intend to reinforce their controls and “reimburse customers impacted by this incident”.
Data Breaches Becoming Scarily Commonplace for Businesses
Bybit, another crypto company, reported back in February that attackers had stolen digital tokens worth around $1.5 billion dollars, and in total, the number of funds stolen by breaching crypto platforms came to $2.2 billion in 2024, according to Chainalysis.
Security and privacy is becoming an increasingly important issue for businesses, as data breaches and cyberattacks continue to rise. In fact, a recent study reported that cybersecurity was a bigger concern for businesses than AI implementation.
Including security and privacy training for employees, carrying out regular software updates and implementing security measures such as access controls and multi-factor authentication, are part of the basic principles that help protect your business.
