Coinbase data breach: Potential losses up to $400M

One of the world’s largest cryptocurrency exchanges, Coinbase, has reported a massive data breach that could cost the company up to $400 million. The incident exposed confidential user information, including KYC documents, physical addresses, phone numbers, and banking details.

Blackmail, Insider Threats and a $20M Demand

According to a filing with the SEC, Coinbase received an email on May 11, 2025, from an unknown hacker claiming to have accessed sensitive user data. The attacker demanded $20 million in exchange for not leaking the information. An internal investigation revealed that the breach was enabled by bribing customer support employees, who were immediately dismissed.

The compromised data includes:

• personal user information (name, address, email);
• KYC documents (ID copies);
• corporate documentation;
• encrypted banking data and some unique identifiers.

Coinbase estimates that around 1% of its users were affected. The exact timing of the breach remains undisclosed.

Coinbase Refuses to Pay, Offers Reward Instead

Rather than meeting the extortion demands, Coinbase set up a $20 million fund to reward individuals who help identify and apprehend the perpetrators. While no operational losses were reported, the company expects total remediation costs to range between $180 million and $400 million.

The incident sparked backlash in the crypto community. Wintermute CEO commented that such cases highlight the «dark side of the senseless KYC/AML regime,» which sacrifices user privacy under the guise of regulatory compliance.

Crypto detective ZachXBT previously noted that Coinbase is among the centralized exchanges most frequently targeted in phishing-related scams.