Key Notes
- Crypto exchange Coinbase's breach exposed personal data of 69,461 users in December 2024.
- Hackers demanded a $20 million ransom to avoid leaking stolen data.
- Instead of paying, Coinbase is offering a $20 million reward for information about the attackers. .
More information has emerged about Coinbase Global Inc.’s breach, which compromised personal data linked to thousands of users.
A new filing with the Maine Attorney General’s Office confirmed that 69,461 individuals were affected during the December 2024 incident. This raises fresh concerns about security within the crypto industry.
Hackers Demanded a $20 Million Ransom from Coinbase
The Coinbase breach came to light after the company revealed that attackers demanded a $20 million ransom to prevent stolen data from being leaked on the dark web. According to Coinbase, the hackers targeted overseas customer support staff, using cash incentives to gain access to internal systems.
According to the filing , the trading platform is committed to compensating victims amid ongoing investigations.
Although the attackers obtained personal details like names, home addresses, and email information, Coinbase said that passwords, private keys, and user funds were not part of the breach.
This detail was included in the company’s filing with the U.S. Securities and Exchange Commission. Still, many users remain concerned about the long-term impact of having their know-your-customer (KYC) data exposed.
Federal authorities stepped in after the incident. The United States Department of Justice is now investigating the matter at Coinbase’s request. Meanwhile, the Securities and Exchange Commission is reviewing whether the trading platform inflated user numbers ahead of its 2021 public listing.
Coinbase Chief Legal Officer Paul Grewal referred to the SEC’s action as a holdover investigation from a previous administration. He reassured that it may not result in serious consequences.
In a surprising move, Coinbase has offered a $20 million reward for information about the individuals behind the hack. The company hopes the bounty will lead to arrests and send a message to future attackers.
Public Reaction and KYC Concerns Grow as Costs Mount
Coinbase’s months-long delay in responding to the breach has sparked criticism. A well-known tech founder and investor, Michael Arrington, was vocal about the breach’s human toll.
Posting on X, he said the exposed data could cause harm beyond what compensation can fix. He suggested that the cost should be measured in dollars, as should the emotional and physical damage to the victims.
Brian, Thanks for the comments. Apologies for the Bloomberg headline… @emiliemc also mentioned to me after posting that Coinbase had reached out to the DOJ.
I fully understand that holding executives liable criminally would create a situation where the best people wouldn’t…
— Michael Arrington 🏴☠️ (@arrington) May 21, 2025
Coinbase estimates the breach could lead to expenses between $180 million and $400 million to cover damage control and reimbursements. This development occurs as government regulators and users question how secure their data is on major crypto platforms.
Arrington also criticized KYC laws, calling them ineffective and dangerous. He blamed a system where profit motives and weak penalties for data breaches allow such events to continue. He urged stronger rules and more corporate accountability.
It is worth noting that crypto scams have become increasingly common in recent times. The digital asset ecosystem is facing attacks not just on large platforms like Coinbase but also on DeFi protocols.
One of the most notable high-profile hacking cases was the Bybit exploit, which resulted in a historic record-breaking $1.4 billion crypto theft.
However, beyond high-profile breaches like this, everyday investors also fall victim to well-planned scams. Recently, a woman from Maryland lost $3 million in a crypto scam known as “pig butchering.” The fraudsters, believed to be from Southeast Asia, built trust over several weeks using a fake Korean messaging app before stealing her funds.
nextDisclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to deliver accurate and timely information but should not be taken as financial or investment advice. Since market conditions can change rapidly, we encourage you to verify information on your own and consult with a professional before making any decisions based on this content.
