Coinbase refused to pay a $20M ransom after insider-led data theft and instead launched a $20M reward fund to catch the culprits.
Less than 1% of Coinbase users were impacted as hackers bribed overseas agents to leak data but failed to access any user funds or keys.
Coinbase is tightening internal security with a new U.S. support hub, enhanced monitoring, and strict ID checks on high-risk accounts.
Coinbase has disclosed a serious security breach affecting less than 1% of its monthly transacting users (MTUs). Cybercriminals targeted overseas customer support contractors. These rogue insiders were bribed to extract personal data from Coinbase's internal tools. The attackers demanded a $20 million ransom. However, Coinbase refused to comply.
Instead, it launched a $20 million reward fund for leads on the perpetrators. Notably, no passwords, private keys, or funds were accessed. Coinbase Prime accounts remain fully secure. Impacted users are already receiving reimbursements. This breach comes days before Coinbase joins the S&P 500 index, a milestone moment for the crypto exchange.
Attackers Exploit Insider Access
The attackers lured a few foreign support agents with cash incentives. Consequently, they leaked sensitive user data. Names, addresses, phone numbers, email addresses, and partially camouflaged Social Security numbers are among the stolen data. Account balances, camouflaged bank information, government-issued ID photos, and a small number of internal papers were also made public.
However, the attackers failed to gain access to user credentials, two-factor authentication codes, or wallets. They also couldn’t touch Coinbase Prime or any cold or hot wallet infrastructure. Hence, customer funds remain secure.
Coinbase took swift action. The compromised contractors were terminated immediately. Their information has been passed to law enforcement agencies. The company is working with U.S. and international authorities to prosecute the culprits.
Strengthening Security Across Operations
Moreover, Coinbase is enhancing its security infrastructure. The company is opening a new support hub in the U.S. This move aims to reduce reliance on overseas agents. Additionally, advanced insider-threat detection systems are now in place. Coinbase has implemented stricter controls and continuous monitoring across its operations.
Furthermore, customer-facing measures have also improved. Affected accounts now require extra ID verification for high-value withdrawals. Scam-awareness prompts have also been added to the withdrawal process. Users might experience some delays as Coinbase closely monitors suspicious activity.
The exchange is collaborating with industry peers to track the attackers’ wallet addresses. Authorities are actively tracing the stolen funds. Coinbase has vowed not to support criminal activity. Instead, it will reward justice-driven leads with its newly announced bounty fund.
The post Coinbase Rejects $20M Ransom, Launches Security Overhaul appears on Crypto Front News. Visit our website to read more interesting articles about cryptocurrency, blockchain technology, and digital assets.