Coinbase strikes back at hackers with $20 million bounty
Coinbase declares war on fraud after $20M ransom attempt
Coinbase, the world's third largest cryptocurrency exchange, has refused to pay a $20 million ransom after a small group of cryptoscammers, along with outside customer support contractors, disclosed sensitive user data.
The company, in a May 15 blog post, disclosed that less than 1% of its monthly transacting users were affected, and no funds, passwords, or private keys were compromised.
Key takeaways
- Coinbase refused a $20 million ransom after a data breach involving external support contractors.
- Less than 1% of users affected, with no impact on funds, private keys, or passwords.
- $20 million reward offered to identify and prosecute the attackers.
Insider breach and attempted extortion
According to Coinbase’s official statement, the breach was executed by cybercriminals who bribed customer support contractors located overseas. These insiders exploited their access to customer systems to steal limited account data. No financial or authentication credentials were leaked, but the attackers attempted to extort the company by threatening to disclose the breach.
Loading...
Coinbase responded by immediately severing access for the compromised contractors and initiating an internal investigation. Law enforcement agencies have been engaged, and Coinbase’s threat intelligence team is actively pursuing leads.
This event came at an important time, when Coinbase Global was listed in the prestigious S&P 500 index and became the first cryptocurrency company in the S&P 500. Against this backdrop, COIN's share price rose to $263.43.
COIN price dynamics (May 2025). Source: TradingView
Standing firm and going on the offensive
Rather than succumb to the attackers’ demand, Coinbase has taken a proactive approach by offering a $20 million bounty—equal to the original ransom—for information that leads to justice. This mirrors a broader trend in the crypto industry of resisting ransom demands and instead empowering communities and authorities to trace and capture cybercriminals.
The exchange has previously emphasized its commitment to security and transparency. With over 110 million verified users, Coinbase continues to be a key player in onboarding institutions and retail users into the digital asset ecosystem.
Conclusion
As crypto platforms grow in complexity and scale, insider threats and third-party vulnerabilities become more pressing. Coinbase’s defiant response and strategic reward initiative may set a precedent for how large digital asset firms address extortion and data breaches moving forward.
We also wrote earlier that Coinbase avoids Bitcoin overexposure, focuses on stability.
