Coinbase opens $20 million bounty for information on cyber attackers
|- Coinbase issued a $20 million bounty for information on the identity of attackers who breached its customer support.
- The bad actors had tricked customers into sending them funds, but didn't hack any accounts.
- Blockchain investigator ZachXBT had earlier reported about attackers stealing $45 million from Coinbase users.
Coinbase disclosed a recent customer support breach on Thursday, where attackers accessed sensitive data and defrauded several users. The exchange has offered a $20 million reward for information about the perpetrators.
Coinbase issues $20 million bounty following breach of customer support
Coinbase opened a $20 million reward for anyone who can provide the identity of looters who attempted to extort the company over a portion of its user data.
The bad actors targeted the exchange's customer support center by paying employees to provide them with user information. As a result, they managed to gather information belonging to less than 1% of Coinbase customers.
The attackers then contacted affected users, pretending to be from Coinbase support and tricked them into sending money through the exchange. Although several users fell victim to the fraudulent act, none of their accounts were hacked during the process.
"Their aim was to gather a customer list they could contact while pretending to be Coinbase — tricking people into handing over their crypto," Coinbase noted in a blog post on Thursday.
The bad actors also sought a ransom of $20 million from Coinbase to conceal the identity of the customers, exchange materials and customer support information, which the exchange refused to pay.
As a response, Coinbase said it took legal action to expose the perpetrators and recover stolen funds. The exchange also stated that it would refund affected customers as it is tracking the wallets holding the stolen cryptocurrencies.
"Instead of funding criminal activity, we have investigated the incident, reinforced our controls, and will reimburse customers impacted by this incident," Coinbase wrote.
Coinbase shared in a filing with the US Securities and Exchange Commission (SEC) that it estimates expenses of approximately $180 million to $400 million due to the incident. Before accounting for potential losses, the funds will be used for remediation and voluntary customer reimbursements.
The recent development follows several hacker activities traced to Coinbase in recent months. Blockchain investigator ZachXBT reported that several Coinbase users were victims of a $45 million theft through social engineering scams earlier in May. The on-chain sleuth has reported three exploitation scams from the exchange in 2025, with "nine figures stolen" from users.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.