Coinbase Faces Up to $400 Million Loss After Cyber Attack

Coinbase Faces Up to $400 Million Loss After Cyber Attack.

Coinbase, one of the world’s largest cryptocurrency firms, has revealed it could face losses of up to $400 million (£301 million) following a recent cyber attack.

According to the company, hackers contacted them claiming to have accessed customer information by paying off certain Coinbase contractors and employees. In a detailed blog post, Coinbase disclosed that the attackers obtained data from "less than 1%" of its user base. The stolen information was then used to impersonate the company and deceive customers into transferring their cryptocurrency.

The hackers demanded a $20 million ransom to keep the breach quiet. Coinbase refused to pay the bribe and instead vowed to reimburse all users who were scammed. "We will reimburse customers who were tricked into sending funds to the attacker," the company said.

Following the disclosure, Coinbase's share price dropped by 4.1%. The timing of the attack is particularly significant, as the company is just days away from being added to the benchmark S&P 500 index — a major milestone for the crypto industry.

As the sector continues to expand, it is becoming a more frequent target for cybercriminals. A recent report from research firm Chainanalysis found that $2.2 billion was stolen from crypto businesses in 2024 alone.

"Security remains a challenge for the crypto industry despite its growing mainstream acceptance," said Nick Jones, founder of crypto firm Zumo. "As our nascent industry grows rapidly, it draws the eye of bad actors, who are becoming increasingly sophisticated in the scope of their attacks."

LATEST: Trump and the Jet: A Billionaire’s Quest for the Biggest Toy.

Coinbase said the attack began with an email from an "unknown threat actor" on May 11. It is now working closely with law enforcement and has pledged to seek "the harshest penalties possible" for those involved. Rather than paying the ransom, Coinbase is offering a $20 million reward for information leading to the criminals' arrest and conviction.

In a filing with the U.S. Securities and Exchange Commission, Coinbase estimated the potential cost of the breach between $180 million and $400 million, including "remediation costs and voluntary customer reimbursements." The company acknowledged that this figure may change depending on further losses, legal claims, and possible recoveries.

Employees who leaked customer data to the hackers have been terminated.

Coinbase has urged customers to remain alert, warning of likely future scams. It emphasized: "Coinbase will never ask for your password, 2FA codes, or for you to transfer assets to a specific or new address, account, vault or wallet."

It also advised users to lock their accounts if they notice suspicious activity. "To the customers affected, we're sorry for the worry and inconvenience this incident caused. We'll keep owning issues when they arise," the company stated.

It’s reassuring to see Coinbase taking accountability for the incident and committing to reimburse affected users, as well as working with law enforcement to pursue justice. The decision to offer a reward instead of paying the ransom also demonstrates a strong stance against cyber extortion.

However, it is deeply concerning that such a large-scale breach could occur, especially involving internal access. As the crypto industry becomes more mainstream, security infrastructure must evolve rapidly to meet the growing threat from sophisticated cybercriminals. Users, too, must remain vigilant, as the battle against fraud in the digital finance world is far from over.