Coinbase Personal Data Leak: How Hackers Bribed Staff and What It Means for Customer Compensation

If the idea that someone is watching you sends chills down your spine, you’re not alone. What’s worse is knowing your information is floating on the dark web after a company gets hacked.

Coinbase was breached after cybercriminals bribed staff to access and copy customer information. The leak can lead to phishing, SIM swap attempts, and identity theft. Users can protect themselves by using strong passwords and 2FA.

Coinbase is a widely used crypto platform. In the 4th quarter of 2022, Coinbase had 110 million verified users… And in the 1st quarter of 2024, the platform had 8 million monthly transacting users.

With that many users, Coinbase handles massive amounts of money and customer information. This is exactly why hackers have set their eyes on the platform.

The attack on Coinbase happened on May 11, 2025.

The public was notified on May 15th.

Here’s how the hack happened:

• Hackers Targeted Overseas Support Staff: They collected information on support agents and contractors working outside the United States. Hackers then bribed the staff to misuse their access to Coinbase systems.
  
• Rogue Employees Collected Data: They accessed and copied customer data, which included:
  • Full names
  • Addresses
  • Emails
  • Social Security Numbers (last 4 digits)
  • Phone numbers
  • Government ID photos
  • Transaction history
  • Account balance
  • Internal company documents
    
• Coinbase Detected the Access: The platform’s internal security detected the unusual data access. After an investigation, Coinbase identified the employees and fired them immediately.
  
• Coinbase Notified Customers: The platform has sent notifications, warning customers whose information was affected.
  
• The Ransom Demand: On May 11th, Coinbase received an anonymous email. The sender confirmed the possession of the stolen data. They also demanded a $20 million ransom, threatening to disclose public information.
  
• Coinbase Responded: The platform notified the public about the ransom and announced that the company wouldn’t pay the ransom. Instead, Coinbase offered a $20 million reward to anyone who could provide information that could lead to the arrest of the attackers.

Now, Coinbase is working with law enforcement to investigate the breach and catch the perpetrators.

The company is also committed to compensating affected customers. Coinbase estimated that the compensation could cost at most $400 million.

The thing is… Coinbase is not the only crypto company that experiences hacks and breaches.

As long as there’s data, hackers will always find a way to break in.

And because of the overabundance of money and information crypto platforms deal with, they've become top targets for cyber criminals.

Here are some notable data breaches in the crypto industry:

Ronin Network

• When: March 2022
• How: Hackers compromised private keys to exploit a backdoor. They also forged withdrawals. The breach was discovered after 6 days when a user reported withdrawal problems.
• Cost: $625 worth of USDC and Ether.
  

Binance Bridge

• When: October 2022
• How: Hackers exploited the BSC Token Hub (a cross-chain bridge), allowing them to create and withdraw 2 million worth of coins.
• Cost: $570 million
  

Coincheck

• When: January 2018
• How: Hackers used phishing and malware to target a vulnerable hot wallet system.
• Cost: $534 million in NEM Tokens.
  

FTX

• When: November 2022
• How: When the company filed for bankruptcy, crypto wallets suddenly started losing money (many reported having a zero balance). It was alleged that it was an inside job.
• Cost: Over $477 million was stolen from users

So, what can happen to users if their crypto platforms get hacked?

• Risk 1: Phishing Scams - If your email address or phone number were affected by a breach, scammers can target you with phishing scams.
  
• Risk 2: SIM Swaps - Scammers can also use your full name and phone number for the rising attack called “SIM Swap,” where they convince your mobile provider to transfer your number to a SIM they control.
  
• Risk 3: Identity Theft - Scammers can use all kinds of information to steal your identity for unauthorized purchases, opening accounts in your name, and other forms of fraud.
  
• Risk 4: Dark Web Deals - hackers can sell stolen information on the dark web, allowing scammers to buy it and fuel their attacks.

With all the risks in mind, it’s important that you know how to protect yourself.

Yes, stopping a data breach is not your responsibility… And you can’t undo it once it happens.

Still, there are things you can do to protect yourself and make it hard for hackers and scammers to mess with you.

• Protection 1 – Use Two-Factor Authentication (2FA): Activating 2FA is ideal because it’ll help you keep your information safe from hackers even after a data breach.
  
• Protection 2 – Change Passwords: If customer passwords are affected by a data breach, make sure to change your passwords quickly. Also, don’t use the same password for all of your accounts to prevent hackers from accessing your accounts with just one password. We recommend using a password manager like Bitwarden, which generates strong, unique passwords and stores them safely.
  
• Protection 3 – Watch for Phishing Attempts: Never fall for phishing by watching out for these common red flags:
  • Urgent or threatening language (e.g., Act now!)
  • Request for sensitive and financial information
  • Unusual address (e.g. supp0rt@co1nnase.com)
  • Poor grammar
  • Unrealistic offers
    
• Protection 4 – Freeze Your Credit: After a breach (and if you're not applying for credit soon), freeze your credit immediately. This will stop fraudsters from opening accounts in your name even if they got your information.

The Coinbase breach (and the other crypto platforms' hacks) is a loud reminder that hackers will always try to break in and steal money or personal data.

So while crypto promises decentralization and autonomy, you still have to be responsible.

Double-check your security habits, use strong passwords (or a password manager), be careful of phishing, and freeze your credit whenever necessary.

Is my personal data safe on Coinbase?

Coinbase uses two-factor authentication (2FA), biometrics for logins, and AES-256 encryption, all of which make customer data safe. But remember: As long as their data, hackers will always try to steal it.

Will Coinbase refund you if you're scammed or hacked?

Yes, Coinbase may refund billing errors (like a double charge) or unauthorized transactions. You can report and request a refund at 1-855-771-9485. However, Coinbase doesn't usually refund voluntary transactions, even if it’s under false pretenses.