The cryptocurrency platform Coinbase has fallen victim to a major cyberattack that compromised the personal data of thousands of users, including names, addresses, and email accounts.

Although the attackers did not directly access login credentials, they successfully tricked support employees into revealing confidential information.

The attack, first detected in January 2025, relied on social engineering techniques and bribes to subcontracted workers, particularly in India. Hackers posed as Coinbase employees to manipulate users into transferring funds to accounts under their control.

💸 Economic impact and company response

• User losses are estimated between $180 and $400 million.
• The attackers are demanding a $20 million ransom to avoid leaking the stolen data.
• Coinbase has fired the involved employees and launched an internal investigation.
• The company has promised to reimburse affected customers for the fraud.
• Additionally, Coinbase is offering a $20 million reward for information leading to the identification of those responsible.

Source: 20minutos