Coinbase says cyber crooks stole customer information and demanded a $20 million ransom payment

Coinbase, the largest cryptocurrency exchange based in the U.S., said Thursday that criminals had improperly obtained personal data on the exchange's customers

Coinbase, the largest cryptocurrency exchange based in the U.S., said Thursday that criminals had improperly obtained personal data on the exchange's customers for use in crypto-stealing scams and were demanding a $20 million payment not to publicly release the info.

Coinbase CEO Brian Armstrong said in a social media post that criminals had bribed some of the company's customer service agents who live outside the U.S. to hand over personal data on customers, like names, dates of birth and partial social security numbers.

The agents then provided the data to the criminals, who planned to use it to create realistic-looking phishing emails and other scams to steal crypto from Coinbase customers, Armstrong said.

The criminals contacted Coinbase and threatened to release the data if the company didn't pay a $20 million ransom, he added.

"We notified the relevant authorities and are cooperating fully with their investigation," Armstrong said. "We also made the difficult decision not to pay the ransom."

Instead, Coinbase is notifying the affected customers directly and providing them with 12 months of identity theft protection, he said.

"We take the protection of our customers' data extremely seriously, and we are disappointed that this incident occurred," Armstrong said. "We are committed to doing everything we can to prevent this from happening again."

Coinbase has zero tolerance for corruption and will not tolerate any employee who betrays the trust of customers, he added.

"Any employee found to be involved in this incident will be terminated immediately and prosecuted to the full extent of the law," Armstrong said.

This incident underscores the importance of staying vigilant against phishing scams and other online threats, especially in the cryptocurrency space, where scammers are constantly devising new ways to steal from unsuspecting victims, he noted.

"We urge all crypto users to be aware of the common scams and to take steps to protect themselves," Armstrong said. "Together, we can create a safer and more secure cryptocurrency ecosystem for all."output: Coinbase, the largest cryptocurrency exchange based in the U.S., said Thursday that criminals had improperly obtained personal data on the exchange’s customers for use in crypto-stealing scams and were demanding a $20 million payment not to publicly release the info.

Coinbase CEO Brian Armstrong said in a social media post that criminals had bribed some of the company’s customer service agents who live outside the U.S. to hand over personal data on customers, like names, dates of birth and partial social security numbers.

The agents then provided the data to the criminals, who planned to use it to create realistic-looking phishing emails and other scams to steal crypto from Coinbase customers, Armstrong said.

The criminals contacted Coinbase and threatened to release the data if the company didn't pay a $20 million ransom, he added.

"We notified the relevant authorities and are cooperating fully with their investigation," Armstrong said. "We also made the difficult decision not to pay the ransom."

Instead, Coinbase is notifying the affected customers directly and providing them with 12 months of identity theft protection, he said.

"We take the protection of our customers’ data extremely seriously, and we are disappointed that this incident occurred," Armstrong said. "We are committed to doing everything we can to prevent this from happening again."

Coinbase has zero tolerance for corruption and will not tolerate any employee who betrays the trust of customers, he added.

"Any employee found to be involved in this incident will be terminated immediately and prosecuted to the full extent of the law," Armstrong said.

This incident underscores the importance of staying vigilant against phishing scams and other online threats, especially in the cryptocurrency space, where scammers are constantly devising new ways to steal from unsuspecting victims, he noted.

"We urge all crypto users to be aware of the common scams and to take steps to protect themselves," Armstrong said. "Together, we can create a safer and more secure cryptocurrency ecosystem for all."