According to the announcement, the company received an email from an unknown threat actor on the 11th of May 2025, claiming to have information about certain customer accounts, as well as multiple internal documents.
While some of the data, including addresses, names, and emails, was stolen, the hackers did not get access to login credentials or passwords. However, this process would reimburse clients who were tricked into sending funds to the attackers.
As security remains a challenge for the crypto industry despite its growing mainstream acceptance, this cyberattack may push the market to adopt stricter employee vetting and may introduce some reputational risks.
According to officials of the company, hackers had paid multiple contractors and employees working in support roles outside the US to collect the information. The company had fired those involved in the attack. At the same time, the US Securities and Exchange Commission had begun scrutinising whether Coinbase had misstated its user figures. Coinbase has reportedly refused to pay a ransom demand of USD 20 million from the attackers and is currently working with law enforcement agencies. The firm also established a USD 20 million reward for information on the hackers.
In addition, the agency had been interested in whether any inaccurate user data would indicate that the company's know-your-customer (KYC) compliance, which is required of firms registered with the SEC, was inadequate. In response, a spokesperson from Coinbase denied that the SEC was probing the client’s compliance with KYC and Bank Secrecy Act rules.
According to Reuters, another source mentioned that the SEC did not directly ask questions about such compliance, and that it would not represent a relevant topic since the institution dropped a separate case against Coinbase that alleged the company failed to register with its requirements.