Coinbase CEO Brian Armstrong is publicly tackling the recent cyber attacks that have targeted the company’s customer data through insider conspiracy and have created $20 million in Bitcoin ransom demand.
In a video statement shared on X, Armstrong confirmed that Coinbase has received threatening emails from cybercriminals claiming to own sensitive customer information and claiming to have demanding payments to keep it private with Bitcoin.
https://t.co/evpibmfvrw pic.twitter.com/f6updkl5r0
– Brian Armstrong (@brian_armstrong) May 15, 2025
Armstrong rejected demand altogether and said the exchange would not comply. Instead, the company offers a $20 million reward for information that will result in identification, arrest and convictions of those responsible for the attack.
what happened?
According to Coinbase, the violation came from a group of overseas customer support agents who were bribed and recruited by attackers. These fraudulent insiders abused limited access rights to retrieve personal customer data such as names, date of birth and address.
The passwords, private keys and funds were not breached, but the information accessed was used to launch a social engineering attack aimed at guiding the customer to transfer the customer to an attacker.
The company reported that less than 1% of monthly trading users were affected. Coinbase admitted that the violation was unacceptable.
As part of that response, major US exchanges are relocating some of their customer support operations and implementing additional security measures to increase protection for customer data.
The exchange also confirmed that it would be fully refunded to send funds to deceived customers as a result of the attack. Details of the refund process are available on the company’s website.