5 hours ago
2
Coinbase rejected a $20 million ransom demand after insiders leaked user data in a phishing scheme. Less than 1% of users were affected, the firm said.
Coinbase, the world’s third-largest cryptocurrency exchange, was hit by a $20 million ransom demand as cyber criminals attempted to steal sensitive user data from the exchange.
Cyber criminals have bribed and recruited a “group of overseas support agents” to steal Coinbase customer data to facilitate social engineering schemes such as phishing attacks.
“These insiders abused their access to customer support systems to steal the account data for a small subset of customers,” wrote Coinbase in a May 15 X post, adding that no passwords, private keys, funds, or Coinbase Prime accounts were affected.
Less than 1% of Coinbase’s monthly transacting users’ data was affected by the attack.
Source: CoinbaseAfter stealing the data, the attackers “tried to extort Coinbase for $20 million to cover this up,” which the exchange refused.
Related: Ukraine strategic Bitcoin reserve bill reportedly in final stages
Instead, Coinbase will establish a $20 million reward for information leading to the arrest and conviction of these attackers.
Scammers often masquerade as the most recognized brands to inspire a fake sense of trust in their victims.
U.S. brands impersonated by scammers the most. Source: MailsuiteIn 2024, Coinbase was the most impersonated cryptocurrency brand by scammers, but the Meta platform was targeted by over 25 times as many scammers as the crypto exchange, Cointelegraph reported in June 2024.
Related: Top South Korean presidential hopefuls support legalizing Bitcoin ETFs
English (US) · 