On May 15, 2025, Coinbase announced that cybercriminals had successfully bribed Coinbase customer service agents who reside outside the United States to hand over personal data on Coinbase customers. According to Yahoo!Finance, the criminals have demanded $20 million in exchange for the return of the information. Coinbase has refused to pay the ransom. See https://finance.yahoo.com/news/coinbase-stock-drops-after-cyberattack-and-news-of-a-sec-investigation-165523301.html. Forbes reported that Coinbase’s CEO Brian Armstrong said that the criminals had been approaching Coinbase’s overseas customer support agents, looking for a “weak leak” who would accept a bribe in exchange for sharing customer information with them: “unfortunately, they were able to find a few bad apples.” See https://www.forbes.com/sites/tylerroush/2025/05/15/coinbase-says-hackers-bribed-employees-for-customer-data-heres-what-to-know/.
Yahoo!Finance further reported that the criminals stole customer information that includes emails, physical addresses, phone numbers, and government identification details (including the last four digits of Social Security numbers), along with some bank account identifiers and snapshots of customer balance data and transaction histories. According to Forbes, data taken by the cybercriminals also includes corporate data like training materials and communications with support agents. AP has reported that the information Coinbase admits was sold by its representatives to criminals allows those bad actors to conduct social engineering attacks through which they can contact Coinbase customers and impersonate Coinbase customer support in order to try to trick the customers into sending their assets to the bad actors. See https://apnews.com/article/coinbase-hack-crypto-exchange-ransom-e3ef5297dfea296eb7b7320d8c58647e.
The personal information stolen also is a tool through which criminals may attempt to commit identity theft and other fraud. As a result, the information stolen from Coinbase also may be sold or posted on the dark web for other criminals to exploit. Further, criminal data brokers use stolen information of this type to build digital profiles that may be resold without a victim’s knowledge and used to commit other crimes, against the rightful owner of the information and against others.
Coinbase has asserted that less than one percent of its monthly users were affected by the hack. See https://www.coinbase.com/blog/protecting-our-customers-standing-up-to-extortionists. Coinbase, the largest cryptocurrency exchange in the United States, has eight million monthly users. In a filing with the Securities and Exchange Commission, Coinbase estimated that it would have to spend between $180 million to $400 million relating to remediation costs and voluntary customer reimbursements relating to the incident. Coinbase. (2025). Form 10-K 2025. (https://www.sec.gov/Archives/edgar/data/1679788/000167978825000094/coin-20250514.htm?7194ef805fa2d04b0f7e8c9521f97343).
Our firm receives multiple daily inquiries from individuals who have experienced financial losses due to issues such as asset misappropriation, platform insolvencies, and deceptive marketing practices. In response, we are actively litigating cases against major cryptocurrency platforms, including Coinbase, FTX, and Binance, on behalf of affected investors.
Given the complexities of cryptocurrency transactions and the evolving legal landscape, individuals and institutions should consider consulting with cryptocurrency experts to assess their risk exposure and potential legal options. Investors are encouraged to conduct thorough due diligence before engaging with cryptocurrency exchanges or investment opportunities.
For those impacted by potential fraud or platform misconduct, legal remedies may be available, but timely action is critical.
For further information, consult a legal or financial professional with expertise in cryptocurrency regulations and litigation.
John Herman
Herman Jones LLP
+1 404-504-6500
hjadmin@hermanjones.com
Visit us on social media:
X
LinkedIn