Crypto News

Coinbase Faces $400M Fallout After Overseas Contractors Linked To Cyber Attack

Coinbase Global shares dropped over 7% on Thursday after the crypto exchange revealed a cyberattack that could cost up to $400 million. The breach, which impacted a "small subset of customers," exposed names, addresses, phone numbers, emails, and government ID images—though passwords and private keys were not compromised. Refuses $20M ransom demand.

Matthew Giannelis
Matthew Giannelis

Coinbase Global is scrambling to contain the damage after disclosing a serious cyberattack that may cost the company up to $400 million and has exposed major weaknesses in its outsourced support structure.

Shares in the cryptocurrency giant plummeted over 7% on Thursday after the company admitted that personal customer data had been compromised.

The breach, which Coinbase described as affecting a “small subset” of users, involved the theft of names, addresses, phone numbers, email accounts, and government-issued ID images.

Passwords and private keys were reportedly not accessed, but the loss of such identifying details poses significant risks for phishing and identity fraud.

According to a regulatory filing, the company received a chilling email on May 11 from an unidentified threat actor who claimed to have obtained internal company documents and customer data. The hackers demanded a $20 million ransom for not leaking information.

But what stands out is how the attackers gained access: Coinbase says the hackers paid several contractors and employees working in support roles outside the United States to help them acquire sensitive customer data.

The individuals, hired to assist with customer service, used their access to pull private account details—marking a stark breakdown in internal access controls.

According to Coinbase those involved have since been terminated and referred to law enforcement. The company says it has not paid the ransom and is working closely with authorities:

In a blog post, the company admitted:

“Cybercriminals bribed and recruited a group of rogue overseas support agents to steal Coinbase customer data to facilitate social engineering attacks,”

“These agents abused their access to customer support systems to steal the account data for a small subset of customers.”

“We’re cooperating closely with law enforcement to pursue the harshest penalties possible and will not pay the $20 million ransom demand we received,”

Instead, Coinbase is offering a $20 million reward for information that leads to the arrest and conviction of those behind the attack.

It is also moving to “harden” its systems and has announced the creation of a new U.S.-based support hub to improve oversight and reduce exposure from third-party staffing.

The company says it will reimburse any affected customers who were duped into sending funds to the attackers. Its current estimate for remediation and reimbursement costs ranges from $180 million to $400 million.

But the timing couldn’t be worse. The U.S. Securities and Exchange Commission has launched a separate investigation into whether Coinbase has inflated its user numbers, putting the exchange under dual fire—from regulators and cybercriminals.

The revelations raise serious questions about Coinbase’s operational model, particularly its dependence on international contractors for sensitive customer support functions.

While Coinbase insists only a small portion of customers were affected, the damage to user trust may be far more widespread.

For a company managing more than $328 billion in assets, the real cost of the breach may go beyond dollars—it may lie in the confidence lost among investors and customers now left wondering who really has access to their personal data.

ByMatthew Giannelis
Follow:
Secondary editor and executive officer at Tech Business News. An IT support engineer for 20 years he's also an advocate for cyber security and anti-spam laws.
Previous Article OpenAI and the FDA Talks About Using AI In Drug Evaluation OpenAI And FDA Discuss AI’s Role In Drug Approval Process
Next Article Is AI Making us dumb - stupid AI Threatens Authentic Human Experience Is AI Making Us Dumb And Flatten Authentic Human Experience?
Leave a Comment

Leave a Reply

Coinbase estimates cyberattack could cost crypto exchange up to $400M

Tech Articles

The Internet’s Best Blogs Didn’t Vanish — They Were Stripped for Parts by SEO Parasites

The Internet’s Best Blogs Didn’t Vanish — They Were Stripped for Parts by SEO Parasites

How some of the internet’s best independent blogs were quietly…

Top Big Tech Companies 2026

The Big Tech Companies Actually Winning In 2026 — And Numbers That Prove It

Top tech companies in 2026 included AppLovin, AWS, Microsoft, Meta,…

The Decay of guest blogging posts

The Decay of Guest Blogging. It Got Cheap, Automated, and Spammy.

Guest blogging once helped publishers showcase real expertise and build…

Recent News