Coinbase refuses $20M ransom after support agent data breach
Summary
Coinbase faced a $20 million ransom demand after cyber criminals attempted to steal sensitive user data by bribing overseas support agents. These insiders misused their access to customer support systems, affecting less than 1% of monthly transacting users. No passwords, private keys, funds, or Coinbase Prime accounts were compromised. Coinbase refused to pay the ransom and instead offered a $20 million reward for information leading to the attackers' arrest and conviction. In 2024, Coinbase was the most impersonated cryptocurrency brand, though Meta faced significantly more impersonation attempts.
