Coinbase fell victim to extortion, with attackers claiming they had confidential information on its users. Coinbase was targeted in a security exploit aimed at its customer representatives. On Thursday, May 15, Coinbase CEO Brian Armstrong revealed that the company had received a $20 million ransom email, to which Armstrong made it clear the company has no intention of complying. https://t.co/evpIBMFvRW pic.twitter.com/f6UPdkL5R0 — Brian Armstrong (@brian_armstrong) May 15, 2025 According to Armstrong, the attackers threatened to release sensitive information about Coinbase customers unless the exchange paid the ransom. Instead of complying, Armstrong responded publicly, declining the payment and vowing to pursue the extortionists. “I want to make you aware of a disturbing email were received recently at Coinbase. It was a ransom not demanding $20 million in Bitcoin in exchange for these attackers not to release some information they obtained on our customers,” said Brian Armstrong of Coinbase, adding that “I want to respond publicly to these attackers by saying no.” You might also like: Coinbase Wallet sparks backlash with new encrypted messaging feature Instead of paying the ransom, Armstrong announced that the company would offer the equivalent of $20 million for any information leading to the arrest of the attackers. Coinbase will also strengthen its security protocols across the board. How Coinbase attackers gained customer info According to Coinbase’s internal investigation, the attackers obtained customer data by targeting Coinbase’s overseas customer support representatives. They bribed some of these reps in exchange for sensitive user information. You might also like: Russian ransomware generates over $500m in crypto proceeds, TRM Labs says These representatives don’t have access to private keys or passwords. However, the information they had, such as dates of birth and contact information, allowed the attackers to perform social engineering attacks. Specifically, they contacted the users, pretending they were support agents, and tricking them out of their crypto. Armstrong stated that Coinbase would reimburse any customers who lost crypto in this manner. The company is also relocating some of its customer support centers in response, although Armstrong did not disclose which locations would be affected. Read more: Coinbase stock jumps 8% as it becomes first crypto company to be included in S&P 500
