Coinbase, the world’s third‑largest crypto exchange, faced a serious threat when outside attackers tried to extort $20 million in Bitcoin. The group paid off a small number of overseas support agents, initial reports disclose. Those insiders then leaked personal account details. No passwords or private keys were taken, Coinbase said. The crypto exchange’s Prime Accounts also escaped harm. Still, less than 1% of the company’s monthly active traders saw some of their data exposed.
Inside Support Team Access
According to Coinbase, a handful of customer‑support contractors were offered bribes to tap into internal tools. They used their access to pull out names, email addresses and limited transaction records. Only a small slice of users were affected. But even a minor leak can fuel more scams. Criminals often use stolen information to target victims with custom tricks.
Coinbase falls prey to phishing attack. Image: C&S Specialty Underwriters
Coinbase Says It Won’t Give In
Based on reports, the hackers demanded 20 million dollars’ worth of Bitcoin to keep silent. But, Coinbase made it clear: it would not pay that kind of money. Instead, the company announced a $20 million‑dollar bounty for anyone who helps nail those behind the plot. That move flips the script. It puts the spotlight on the crooks and turns them into the hunted rather than the hunters.
Funds For Customer Reimbursements
Coinbase also revealed that it plans to set aside between $180 million and $400 million. That cash will cover payouts to people who got tricked by phishing scams. In 2024 alone, the exchange was the most impersonated brand in crypto, making phishing calls and fake emails a constant headache. Users who lost funds to those scammers will get their money back under Coinbase’s program.
Indeed there’s a lot of Coinbase user thefts I posted tied to the group pic.twitter.com/HVO4ENjZ4f
— ZachXBT (@zachxbt) May 15, 2025
Phishing Losses Keep Rising
Blockchain watcher ZachXBT has been raising alarms about phishing costs. He pegged the loss at around $45 million in just one week before May 7. On top of that, he estimates that scams drain over $300 million every year from Coinbase customers. Those numbers show how big the problem has grown. It also explains why Coinbase is committing hundreds of millions to fight back.
Plans To Harden Defenses
Looking ahead, Coinbase says it will tighten data controls and move parts of its support work to new locations. It will also step up staff checks and vetting before agents get access to live systems. On top of that, the exchange aims to boost its fraud‑monitoring tools. Users can expect more alerts when unusual activity shows up on their accounts.
Featured image from ESET, chart from TradingView
Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
