Coinbase said on Thursday that it expects to lose between $180 million and $400 million after a cyberattack exposed customer information and triggered a nearly 3% drop in its stock.
The statement came just four days after the company got an email from a threat actor on May 11, claiming access to internal documents and customer account data. The company confirmed the breach and blamed a targeted social engineering scheme.
According to Reuters, some data like names, email addresses, and home addresses were stolen, but login credentials and passwords were not compromised.
Still, Coinbase said it will reimburse users who were tricked into sending crypto to the attacker. The exchange also said it has already started working with law enforcement agencies.
Coinbase confirms insider involvement and responds with firings and new security moves
Coinbase reported that the attackers had paid contractors and employees based outside the US to help carry out the breach. These people were in support roles, not developers or executives. Every single one of them has now been terminated, and the company is tightening up internal vetting procedures.
The breach landed just as Coinbase is preparing to be added to the S&P 500, a major benchmark index in traditional finance. But the timing has turned awkward, as trust and security questions come up right before what was supposed to be a big moment for the crypto exchange.
Bo Pei, who is an analyst at US Tiger Securities, said the breach “may push the industry to adopt stricter employee vetting and introduce some reputational risks.” The issue isn’t just bad press—it’s showing how internal access can be a bigger weakness than external hacks.
Coinbase refused to pay a $20 million ransom the hacker demanded after contacting the company. Instead, it offered a $20 million reward to anyone who can help identify the individuals or group behind the attack. The company is betting on public cooperation rather than negotiation.
The event comes in the middle of a rough time for crypto security. Back in February, Bybit, another exchange, confirmed a $1.5 billion theft, one of the largest crypto hacks to date. Chainalysis reported that $2.2 billion was stolen from crypto platforms just in 2024 alone.
Nick Jones, who runs crypto firm Zumo, said, “As our nascent industry grows rapidly, it draws the eye of bad actors, who are becoming increasingly sophisticated in the scope of their attacks.” That includes targeting staff, not just servers.
Coinbase also announced it’s opening a new support center in the US, part of its plan to reduce reliance on offshore personnel and tighten security practices across the board.
Cryptopolitan Academy: Coming Soon - A New Way to Earn Passive Income with DeFi in 2025. Learn More
