Shares of Coinbase Global fell more than 7% on Thursday after the cryptocurrency exchange disclosed a significant cyberattack that compromised customer account data and could cost the company up to $400 million.
Coinbase Shares Details of Security Breach
https://t.co/evpIBMFvRW pic.twitter.com/f6UPdkL5R0
— Brian Armstrong (@brian_armstrong) May 15, 2025
In a regulatory filing submitted Thursday, Coinbase revealed that the breach affected a “small subset” of its users. Stolen information included customer names, addresses, phone numbers, email addresses, and government-issued ID photos. But, the company assured that passwords and private keys were not compromised.
The platform, which manages over $328 billion in assets, said the breach was orchestrated by cybercriminals who bribed overseas support contractors to gain unauthorized access to sensitive information. According to Coinbase, the insiders used their access to support systems to carry out targeted social engineering attacks.
The breach came to light after Coinbase received an email on May 11 from an unknown actor claiming to possess both internal documents and customer data. The hackers have demanded a $20 million ransom in exchange for not leaking the stolen information. Coinbase has refused to pay the ransom and has instead terminated the involved employees and handed them over to law enforcement.
“Cybercriminals bribed and recruited a group of rogue overseas support agents to steal Coinbase customer data,” the company explained in a blog post. Coinbase highlighted that its cooperating with authorities and reiterated its goal to seek the “harshest penalties possible” for those responsible.
In addition to addressing the breach internally, Coinbase has also announced a $20 million reward for information leading to the arrest and conviction of those behind the attack. The company is also taking steps to improve its cybersecurity defenses and plans to launch a new US-based support hub.
Even as Coinbase did not disclose how many users were directly impacted, it confirmed that customer reimbursements and other remediation efforts could total between $180 million and $400 million. Coinbase also said it will reimburse users who were tricked into sending funds as a result of the breach.
Separately, the Coinbase stock price had jumped 4.6% as it announced a partnership with online payment company PayPal to scale the adoption, distribution, and utilization of the PayPal USD (PYUSD) stablecoin. The collaboration aims to provide a seamless value for users by making PYUSD more accessible and useful across digital platforms and broader.
Coinbase has also recently made headlines for upgrading to its Solana infrastructure, claiming substantial gains in speed, reliability, and scalability. It has also implemented asynchronous transaction processing on Solana, which apparently resulted in a fivefold increase in block processing throughput.
