# Coinbase Says Hackers Bribed Employees For Customer Data—Here’s What To Know
In a shocking revelation, cryptocurrency exchange operator Coinbase has disclosed that hackers bribed some of its overseas employees to obtain sensitive customer data, sparking concerns about the security and integrity of digital assets.
On Thursday, Coinbase filed a Securities and Exchange Commission (SEC) statement detailing an "unknown threat actor" who claimed to have stolen data from less than 1% of its monthly users. The email, sent on May 11, demanded $20 million in bitcoin in exchange for not publicly disclosing the customer data. However, Coinbase denied the request and has contacted law enforcement.
"We're extremely sorry that some of our support agents were bribed and recruited by the attackers to copy customer data," said Brian Armstrong, CEO of Coinbase. "These individuals have been immediately terminated, and we're offering full reimbursement to any customers who lost money from this incident."
According to Coinbase, the cyber criminals targeted support agents and contractors outside the US with cash to copy customer data. The stolen information included users' names, addresses, phone numbers, emails, social security numbers, bank account numbers, government-issued ID images from driver's licenses and passports, balance and transaction history, and some corporate data.
However, Coinbase assured that login credentials, access to customer funds, and access to any Coinbase wallets were not compromised. The company has estimated remediation costs between $180 million and $400 million, although these costs could increase after a full review of other potential losses.
# How Did the Hack Happen?
The hack was reportedly detected by Coinbase's security team, which had been monitoring instances of support agents collecting information about the company's internal systems in the months leading up to the email. The attackers exploited human vulnerability, bribing employees with cash to compromise customer data.
"This is a clear example of a targeted attack on our overseas customer support agents," Armstrong said. "The attackers were able to find a few bad apples who would accept a bribe in exchange for sharing customer information with them."
# What Can You Do?
If you're a Coinbase user, there's no need to panic. The company is offering full reimbursement to any customers who lost money from the incident.
Coinbase has also announced a $20 million bounty for anyone with information leading to the criminals' arrest. If you have any information or suspect someone may be involved in this hacking scheme, please contact law enforcement immediately.
The disclosure comes just days before Coinbase joins the S&P 500 index next week and amid a growing concern about cybersecurity in the cryptocurrency industry.
Other crypto firms have been targeted recently, with an estimated $2.2 billion lost to similar incidents in 2024, researchers said. The FBI has also claimed hackers from North Korea were responsible for stealing about $1.5 billion in virtual assets from the crypto exchange Bybit earlier this year.
Stay safe and stay informed!