Coinbase Rejects $20M Ransom After Data Breach, Offers $20M Bounty

Coinbase recently suffered a cyberattack involving rogue overseas contractors bribed to steal personal data of less than 1% of its monthly active users, including names, addresses, contact information, government IDs, transaction histories, and the last four digits of Social Security numbers. The attackers demanded a $20 million ransom to prevent the release of this information and to cover up the breach, but Coinbase refused to pay and instead established a $20 million bounty for information leading to the arrest and conviction of those responsible. While login credentials, two-factor authentication codes, private keys, and direct access to funds were not compromised, some customers were tricked via social engineering attacks into sending cryptocurrency to the scammers; Coinbase has committed to reimbursing those affected. The company has fired the implicated contractors, is cooperating with law enforcement, and is implementing enhanced security measures, including extra ID checks on large withdrawals and increased insider-threat detection. Coinbase CEO Brian Armstrong emphasized that the company will prosecute the criminals and urged anyone with information to come forward. The estimated financial impact from remediation and reimbursements ranges from $180 million to $400 million.