Cryptocurrency exchange Coinbase said Thursday it had been hacked by cyber thieves demanding a $20 million ransom not to publicly release stolen customer data in a breach that could cost the company up to $400 million.
“Cyber criminals bribed and recruited a group of rogue overseas support agents to steal Coinbase customer data to facilitate social engineering attacks,” Coinbase CEO Brian Armstrong said in a statement. “These insiders abused their access to customer support systems to steal the account data for a small subset of customers. No passwords, private keys or funds were exposed, and Coinbase Prime accounts are untouched.”
The thieves can’t move funds on their own, Armstrong said, but they have enough data to call customers and masquerade as Coinbase support agents to trick them into sending money.
The breach affected fewer than 1% of Coinbase’s monthly transacting users, the CEO said, adding that anyone who had fallen prey to the crypto grab and sent funds to a fake agent would be reimbursed.
The offending workers have since been fired and will face criminal charges, while Coinbase will relocate some of its customer support operations as a result.
Rather than allowing the company to be extorted, Armstrong said he was offering a $20 million award for information leading to the attackers’ arrest and conviction.
The news dropped just as The New York Times reported that the Securities and Exchange Commission was investigating whether Coinbase had misrepresented its user numbers in past filings. Coinbase confirmed the investigation to CNBC.
In a regulatory filing on Thursday, Coinbase, which is poised to enter the S&P 500 next week, said fixing the hack could cost between $180 million and $400 million. The company’s stock dropped by about 6%.
With News Wire Services
