Coinbase, the cryptocurrency trading platform, disclosed that it anticipates financial losses ranging from $180 million to $400 million as a result of a recent cyberattack. The incident exposed the personal information of a limited number of its users.
In a filing with the Securities and Exchange Commission, Coinbase stated that on May 11, it received an email from an individual alleging they had acquired data linked to specific customer accounts, along with internal company documents. These materials reportedly included information related to Coinbase’s customer support and account management systems.
The email threatened to release the information publicly unless a payment was made. However, Coinbase has stated that it did not comply with the demand and is actively working with law enforcement as part of the ongoing investigation.
In a video shared by Coinbase co-founder and CEO Brian Armstrong, it was revealed that the attackers requested a $20 million ransom. Coinbase declined to meet this demand and is now offering a $20 million reward for any information that results in the identification, arrest, and prosecution of the individuals involved.
It’s time to get stablecoin legislation passed to create clear rules for crypto in America.
52m Americans have used crypto and want to see regulatory clarity. pic.twitter.com/IeLYaxan5b— Brian Armstrong (@brian_armstrong) May 14, 2025
In a recent blog post, Coinbase announced that it will compensate users who were deceived into transferring money to a malicious actor. According to the company, the breach allowed hackers to access personal information including names, addresses, phone numbers, and email addresses. Additionally, they obtained partially obscured Social Security numbers (limited to the last four digits), masked bank account details, and images of official identification documents such as driver’s licenses and passports. Coinbase emphasized that no account passwords or private keys were compromised in the incident.