Coinbase has reported that employees and contractors were bribed to steal customer data for use in social engineering attacks, a breach that could cost the crypto exchange between $180 million and $400 million to resolve.
In a filing with the SEC, the company disclosed that the stolen data included names, addresses, emails, masked social security numbers, masked bank account numbers, government ID images, account information, and some corporate data. Fortunately, passwords and private keys were not compromised.
According to Coinbase, the criminals paid multiple employees and contractors located outside the U.S. to exploit their access to customer support systems, targeting a “small subset” of customers. The attackers demanded a $20 million ransom for the stolen data, but Coinbase refused to pay.
In response, the company is setting up a $20 million reward fund for information leading to the arrest and conviction of those involved in the incident. Additionally, any customers who were deceived into sending funds to the attackers will be reimbursed.
To address the situation, Coinbase is actively tracing the stolen funds, collaborating with law enforcement, implementing additional identity verification for flagged accounts, and establishing a new support hub in the U.S.