Coinbase Faces $400 Million Cyberattack Fallout
By Nayab khan
Crypto giant Coinbase has revealed it could face a financial hit of up to $400 million following a cyberattack that breached personal data of some users. The disclosure prompted a 3% decline of the company’s stock price in premarket trading on Thursday.
The attack, which Coinbase disclosed affected a “small subset” of customers, came to light on May 11 after the company received an email from an unknown hacker. The hacker claimed it had sensitive internal documents and account information from the very own Coinbase platform.
The disclosure comes at an important moment for Coinbase, which is planning to enter the S&P 500 index in the upcoming days, a key milestone for the broader cryptocurrency industry.
What Information Was Stolen?
Although login credentials and passwords were not accessed, Coinbase confirmed that some personal data was compromised. This includes:
- Names
- Email addresses
- Physical addresses
- Government-issued identification documents (in some cases)
- The company has committed to reimbursing customers who were deceived into sending funds to the attackers.
Inside Help and Urgent Action
As quoted by “Coinbase,” the hackers paid several contractors and employees located outside the country to leak internal data. When Coinbase discovered this, it terminated all people involved immediately.
The hackers also wanted a ransom of $20 million, which Coinbase refused to pay. Instead, Coinbase is working with law enforcement and it offered a $20 million reward to anyone who can provide information that identifies and arrests the hackers.
“Instead of contributing to criminal activity, we have investigated the incident, strengthened our controls, and would be repaying customers affected by this incident,” Coinbase stated on its blog.
Ongoing Threats in Crypto Security
The Coinbase hack illustrates the heightened security risks within the crypto space. Earlier in 2025, Bybit disclosed it suffered a more than $1.5 billion loss during a separate hack – considered to be one of the largest hacks in crypto history.
According to the Chainalysis, hackers stole $2.2 billion from crypto platforms in 2024. This was the fourth consecutive year that crypto-styled cyber thefts reached over $1 billion annually.
Legal Disclosure and Public Perception
In its formal filing with regulators in the U.S. regarding the incident, the company reaffirmed that they had received the ransom demand, confirming the attack. In their report, the Company stated that they believed they learned of the hack after the hacker contacted them and threatened to publicly release the stolen information if payment was not made.
As Coinbase prepares for its S&P 500 debut, this incident casts a spotlight on the fragility of cybersecurity in even the most prominent digital finance platforms.
[…] of the user’s location or network, and employee training to raise awareness about cybersecurity threats and best practices, equipping their teams to respond effectively to potential risks. […]