Coinbase Turns Tables on Would-Be Extortionists, Offers $20M Bounty for Information
By: decrypt|2025/05/15 13:15:05
0
Share
Coinbase Turns Tables on Would-Be Extortionists, Offers $20M Bounty for Information The attackers sent a ransom note demanding $20 million in Bitcoin, threatening to publish stolen customer data if Coinbase didn’t pay. Decrypt’s Art, Fashion, and Entertainment Hub. Cybercriminals tried to blackmail Coinbase into paying $20 million in Bitcoin over stolen customer data. Instead of paying up, the crypto exchange is offering the same amount as a bounty to help bring the perpetrators to justice. The crypto exchange revealed how rogue overseas support agents were bribed by the criminals to leak sensitive user data, including names, addresses, masked bank details, and ID documents, in a blog post published Thursday. Cyber criminals bribed and recruited rogue overseas support agents to pull personal data on <1% of Coinbase MTUs. No passwords, private keys, or funds were exposed. Prime accounts are untouched. We will reimburse impacted customers. More here: https://t.co/SidVn59JCV — Coinbase ️ (@coinbase) May 15, 2025 While no funds, passwords, or private keys were compromised, and Coinbase Prime accounts remained "untouched," the attackers used the data to launch targeted social engineering scams on customers. “They then tried to extort Coinbase for $20 million to cover this up. We said no,” the company wrote in their statement. A video statement from CEO Brian Armstrong was cited by Coinbase in lieu of a direct response to Decrypt , in which he declared, “We are not going to pay your ransom.” In a move mirroring the plot of the 1996 film "Ransom," Armstrong added that he had, “a few next steps in mind... We’re putting out a $20 million award for any information leading to the arrest and conviction of these attackers,” the CEO said. https://t.co/evpIBMFvRW pic.twitter.com/f6UPdkL5R0 — Brian Armstrong (@brian_armstrong) May 15, 2025 The counter-move marks a shift in how crypto firms are responding to criminal threats. While companies typically offer bounties to encourage hackers to return stolen assets, Coinbase is using the reward to go on the offensive against cybercriminals. “This is a huge problem in the industry, and it’s only getting worse,” said Philip Martin, Coinbase’s Chief Security Officer, in an interview with Fortune . He confirmed the compromised support agents were based in India and have all been terminated. “Hell no!” Martin added how the ransom demand came with a threat to publish the stolen data unless Coinbase paid. “The knee-jerk reaction of every single person who heard we were being extorted was ‘hell no!’” he said. Coinbase said it is working with law enforcement, has tagged the attackers' wallet addresses, and will reimburse any customer who lost funds due to the social engineering attack. The company is also launching a new U.S.-based support hub and tightening access controls across its systems. “We will prosecute you and bring you to justice,” Armstrong said in his closing message to the attackers. “Now you have my answer.” Daily Debrief Newsletter
You may also like
'Bottom building in progress': Analysts say bitcoin holder capitulation signals late-stage bear market
A Comprehensive Analysis: Starting from 1996, Who is Laying the Foundation for the Next Generation of Capital Markets
Luke Dashjr, the Biggest Anti-Spammer of Bitcoin, Inscribed Phrases on the Network in 2011
Whales bought 270,000 BTC while ETFs bled $7 billion. One side is wrong
The crypto IPO class of 2025-26 is down as much as 89%. Autopsy of a listing boom
Robinhood Chain Mining Guide: A Comprehensive Tutorial from Cross-Chain to Memecoin
BitGo CEO says single-digit percentages of bitcoin's supply are 'probably right' for large holders amid Strategy's sale
Beyond Private Keys: How to Safeguard the Security Boundaries of Web3 from Wallets, L2 to Supply Chains?
Vanguard Enters the Market, Opening a New Crypto Gateway for 50 Million Traditional Investors
Why the OUSD Alliance of 150 Companies Still Cannot Shake USDT and USDC?
Citigroup Analysis: Is There Still 47% Upside for Nvidia? Can Rubin and CPO Deliver?
WEEX API Fast Connect: Turn Every Sign-In Into a Live Trader in Under 10 Seconds
WEEX API Fast Connect is a one-click OAuth authorization system that lets your users link their WEEX account without ever touching an API key. Frictionless onboarding, faster conversions, higher retention — built for WEEX Broker partners.
Bitcoin's dwindling exchange reserves don't pack the same bullish punch anymore
From Le Mans to the Rollercoaster: Carl Moon Takes On Portimão
Crypto world renowned KOL and racing driver Carl Moon, backed by WEEX, heads to the Ferrari Challenge Portugal round at the Algarve International Circuit, July 16–19, fresh off a podium finish at Le Mans. Here's why this race is one to watch.
Fast execution. Split-second accuracy. Security that never blinks. That's WEEX — and that's exactly how Carl races.
The Downfall of a Public Company: A $1.46 Billion Bet on WLFI, $540 Million Went to the Trump Family
Dragonfly Partner: BTC is Intergenerational Wealth, Optimistic About ETH and SOL
Goldman Sachs Calls to Go Long on Chinese AI: $4 Trillion Market Value Behind, Global Funds Only Allocated 1.2%
The New Landscape of Cryptocurrency in Europe: Why Germany Takes Center Stage?
'Bottom building in progress': Analysts say bitcoin holder capitulation signals late-stage bear market
A Comprehensive Analysis: Starting from 1996, Who is Laying the Foundation for the Next Generation of Capital Markets
Luke Dashjr, the Biggest Anti-Spammer of Bitcoin, Inscribed Phrases on the Network in 2011
Whales bought 270,000 BTC while ETFs bled $7 billion. One side is wrong
The crypto IPO class of 2025-26 is down as much as 89%. Autopsy of a listing boom
Robinhood Chain Mining Guide: A Comprehensive Tutorial from Cross-Chain to Memecoin
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
