Coinbase declined a $20 million ransom demand after a data breach involving a support agent account, underscoring its firm stance on cybersecurity threats.
After insiders used a phishing campaign to expose customer data, the company rejected a $20 million ransom demand. According to the company, less than 1% of consumers were impacted.
The third-largest cryptocurrency exchange in the world, Coinbase, reported that hackers had recruited foreign support personnel to disclose customer data, leading to a $20 million extortion attempt.
A gang of outside actors allegedly bribed and conspired with multiple customer service contractors to gain access to internal systems and obtain restricted user account data, according to a blog post published on May 15 by Coinbase.
The company stated that no passwords, private keys, cash, or Prime accounts were compromised, but that “these insiders misused their access to customer support systems to steal the account data for a small subset of customers.”
According to Coinbase, the hack impacted less than 1% of its monthly transacting users’ data.
Following the data theft, the attackers tried to demand $20 million from Coinbase in return for keeping the hack a secret, and they turned down the request.
Instead, the business declared that it would pay $20 million for information that would result in the arrest and conviction of the scheme’s perpetrators.
Scammers frequently pose as well-known companies to give their victims a false sense of trust.
Scammers most frequently impersonated Coinbase as a cryptocurrency brand in 2024.
