Imagine getting a call from “Coinbase support” asking you to move your crypto to a “secure wallet” – only to lose everything. This nightmare became reality for 69,461 Coinbase users after hackers bribed customer service agents to steal sensitive data. The crypto giant now faces up to $400 million in costs from this digital heist.
How hackers turned employees into data thieves
Between December 2024 and May 2025, cybercriminals targeted overseas support agents in India working for Coinbase. “They offered cash payments to copy customer data from our systems,” revealed Chief Security Officer Philip Martin. The bribed employees handed over:
- Full names and home addresses
- Phone numbers and email addresses
- Last 4 digits of Social Security numbers
- Scans of driver’s licenses and passports
- Account balances and transaction histories
Maria Gonzalez, a small investor from Texas, lost $8,000 this way. “The caller knew my account balance and recent trades – I thought it was real,” she told us. Her story echoes hundreds of similar scams enabled by the breach.
The $20 million showdown
On May 11, 2025, Coinbase received an ultimatum: Pay $20 million in bitcoin or watch stolen data leak online. CEO Brian Armstrong shot back in a viral video: “We don’t negotiate with digital terrorists.” Instead, Coinbase offered a $20 million bounty for information leading to arrests.
The company’s stock initially dropped 6% but rebounded after announcing:
- Full refunds for scammed users
- Free credit monitoring for victims
- New US-based support center replacing some overseas operations
What wasn’t stolen
While personal data leaked, Coinbase confirms:
- No passwords or private keys were compromised
- Crypto wallets remained secure
- Prime accounts for big investors weren’t touched
“This wasn’t a technical hack – it’s old-fashioned corruption with digital consequences,” explains cybersecurity expert Lisa Wang. The breach reveals how insider threats pose bigger risks than sophisticated hackers for crypto platforms.
Protecting yourself moving forward
Coinbase recommends all users:
- Enable withdrawal allow-listing (only send crypto to pre-approved addresses)
- Use authenticator apps instead of SMS for 2FA
- Never share seed phrases – even with “support agents”
As the FBI tracks the digital breadcrumbs, one thing’s clear: In crypto’s wild west, trust no one – not even official-looking calls. Your best protection? Assume every unsolicited contact is a scam until proven otherwise.
