Coinbase breach: attackers demand $20M ransom

By: cryptosheadlines|2025/05/16 07:30:07
0
Share
copy
Airdrop Is Live CaryptosHeadlines Media Has Launched Its Native Token CHT. Airdrop Is Live For Everyone, Claim Instant 5000 CHT Tokens Worth Of $50 USDT. Join the Airdrop at the official website, CryptosHeadlinesToken.com Attackers bribed support staff to access internal tools.$20M ransom demand redirected into reward fund.New protections live ahead of S&P 500 entry.Coinbase has disclosed a targeted cyberattack involving bribed overseas contractors, resulting in a significant data breach that impacted less than 1% of its monthly active users.While no funds, passwords, or private keys were exposed, the attackers accessed internal systems and extracted sensitive customer information.The incident highlights growing concerns over insider threats in centralised crypto platforms and comes at a crucial moment, with Coinbase preparing for its inclusion in the S&P 500 index.The company has launched new user protections and is expecting up to $400 million in related expenses.Bribed contractors enabled accessThe breach occurred through a coordinated social engineering effort in which a group of overseas contractors were bribed to grant attackers access to internal tools.Although Coinbase did not specify the country involved, it confirmed that Coinbase Prime accounts used by institutions were not affected.Attackers obtained partial bank information, addresses, phone numbers, and masked Social Security digits, aiming to impersonate the platform and extract further assets through phishing.Coinbase warned that the information was intended to target users in follow-up scams by posing as legitimate support agents.$20M ransom rejectedAfter the breach was discovered, the attackers demanded a $20 million payment to stay silent.Coinbase rejected the demand and instead diverted the amount into a reward fund to help track down those responsible.The company is now offering up to $20 million for information leading to the arrest and conviction of the attackers.Coinbase has also engaged blockchain analytics firms to flag addresses connected to the attackers, freeze potential stolen assets, and monitor the flow of funds.Law enforcement agencies in the US and abroad have been alerted to pursue criminal charges.New protections deployedTo limit future attacks and mitigate risks from the breach, Coinbase has implemented several new security protocols.These include additional ID verification during withdrawals, real-time scam alerts, and enhanced scrutiny for accounts flagged as high risk.A new customer support hub has been launched in the US to reduce third-party outsourcing.Internally, Coinbase has strengthened its insider threat detection and now runs continuous red-team testing.It has pledged to make impacted customers “whole” if any further scams succeed using the stolen data, and is reviewing potential indemnification claims.S&P 500 listing under spotlightThe disclosure comes just days before Coinbase’s entry into the S&P 500, making it the first crypto-native company to achieve the distinction.With estimated costs from the breach ranging between $180 million and $400 million, analysts expect scrutiny to rise over the exchange’s security infrastructure and operational resilience.Coinbase said a full assessment of losses, legal claims, and potential recoveries is underway, but the incident underscores the challenges centralised exchanges face in guarding user data against both external and internal threats.Share this articleCategoriesTagsSource link

You may also like

Dune Stablecoin Research: The Flow and Demand of a $300 Billion Market

In the dataset, transfers are no longer simply labeled as pure "transaction volume," but are classified as different on-chain activities. This is the difference between "just knowing that $100 trillion has been transferred" and "understanding why it was transferred."

Stripe Annual Letter: New cognitive density is extremely high, especially the 5-level model of "AI + Payments"

Every trend here is affecting everyone's future survival.

Sam Altman's Twenty-Four Hours: The Pentagon said "no" twice, but only one was serious

In Silicon Valley, Altman's sub-12-hour move has a name. It's not called backstabbing, it's called timing.

The US-Iran Conflict Spreads to the Crypto Space: What to Expect in the Market on Monday

The most important industry in the crypto world, only 300 kilometers away from the missile's impact point

Lily Liu, the chair of the Solana Foundation, shouted "Don't waste time on crypto," is the crypto industry really dead?

The interest of the younger generation is shifting from cryptocurrency to the field of artificial intelligence, which coincides with the current phenomenon in the cryptocurrency industry.

The little deer live by the water and grass

Mining companies have never been the most devout believers in Bitcoin. Under the pressures of halving compressing profits, financial reports showing revenue growth without profit increase, and coin prices falling below mining costs, the industry is collectively de-risking.

Popular coins

Latest Crypto News

Read more