- Coinbase faces insider data breach affecting customer information.
- Less than 1% of users’ data affected.
- Coinbase offers a $20M reward for arrest leads.
The recent data breach at Coinbase has come to light, with cybercriminals accessing customer data through bribed overseas support agents since January 2025. In response, CEO Brian Armstrong confirmed legal actions are being pursued.
Coinbase’s breach highlights the risk of insider threats compromising personal identifiable information, prompting legal and practical responses from the company. Exchange operations remain unaffected as user funds were secure.
Coinbase confirmed hackers accessed customer data through bribed overseas contractors. The breach, beginning in January 2025, involved targeting support agents to obtain user information. Personal details, not on-chain assets, were exposed during this period. CEO Brian Armstrong pledged cooperation with law enforcement, refusing extortion demands. Instead, a $20 million reward was announced to capture the culprits.
Chief Security Officer Philip Martin emphasized that hackers did not have continuous access throughout the breach.
The breach affected less than 1% of monthly users, with exposure limited to personal data. No customer funds or passwords were compromised, according to Coinbase. The breach’s discovery has not disrupted market operations; trading continues without considerable liquidity changes.
No abnormal activity in Total Value Locked (TVL) or exchange liquidity indicates unaffected trading and fund security. However, the incident raises concerns over potential phishing using stolen personal data. Due to the nature of the breach, no new regulatory directives are currently announced, but heightened vigilance against phishing alerts users to potential identity theft risks.
Insights suggest the breach could lead to stricter internal control regimes within crypto exchanges to mitigate insider risks. Comparison with past attacks reveals shifts from direct financial theft towards personal data theft strategies, necessitating increased cybersecurity measures.
