Coinbase, one of the leading cryptocurrency exchanges in the United States, has been the target of a significant cyber attack, potentially leading to losses ranging from $180 million to $400 million in the current financial year. This forecast comes from the exchange itself, after conducting an analysis of the incident’s immediate and long-term impacts, including the drop in the company’s share value by approximately 3%.
According to information obtained by Cybersecurity Insiders, the breach appears to have stemmed from an insider threat. A trusted individual within the company gathered sensitive information and passed it along to external actors. On May 11, 2025, the hackers launched their attack, claiming to have gained access to a small portion of Coinbase’s data. This data reportedly included personal details of customers and employees, such as names, email addresses, and home addresses.
The scope of the attack is particularly concerning as the cybercriminals employed advanced phishing tactics to trick Coinbase users into transferring part of their cryptocurrency holdings to fraudulent accounts. Victims of the attack believed they were responding to legitimate requests, only to realize too late that they had been deceived by the attackers’ sophisticated methods.
Upon discovering the breach, Coinbase’s incident response team acted swiftly. They immediately reset all server account passwords and initiated a process to reimburse customers who had unknowingly transferred their funds to the fraudulent accounts. The company also launched an investigation into the insider threat, which was traced back to freelance employees working for Coinbase outside of the United States. These individuals were promptly terminated.
Currently, Coinbase is focused on restoring the affected accounts and reinforcing its security protocols to prevent further incidents. The company has made it clear that it will not comply with the $20 million ransom demand made by the attackers, maintaining its stance of not paying out to cybercriminals. In a move to encourage public cooperation, Coinbase has also announced a reward of up to $20 million for anyone who provides information that leads to the identification and capture of the attackers.
This attack appears to be a variant of ransomware, in which data was siphoned off without the encryption typically seen in traditional ransomware attacks. Notably, Coinbase has emphasized that its servers were not encrypted during the breach, which may offer insight into the nature of the attack.
The broader impact of such cyber incidents is evident, as crypto exchanges have become frequent targets for cybercriminals. According to Chainalysis, cryptocurrency exchanges suffered a staggering $2.2 billion in losses from cyberattacks in 2024. The trend is expected to continue, with predictions suggesting that losses could increase by 25% in 2025, further highlighting the increasing risks in the crypto industry.
Ad
Source link
#Insider #Threat #fetches #400m #loss #Coinbase
