Report: Coinbase Learned of Data Breach in January

Coinbase reportedly knew in January about a data breach at an outsourcing company that it publicly disclosed May 14 in a filing with the Securities and Exchange Commission (SEC).

    The cryptocurrency exchange was notified immediately when an India-based employee of the outsourcing company was caught taking photos of data on her work computer, Reuters reported Monday (June 2), citing unnamed sources.

    Coinbase said in its SEC filing that it knew contractors accessed data they didn’t need for business reasons in “previous months,” but didn’t know that the access was part of a larger operation until it received an extortion demand on May 11, according to the report.

    Coinbase did not immediately reply to PYMNTS’ request for comment.

    The company said in a May 15 blog post that a data breach turned into an extortion attempt when cybercriminals convinced a “small group” of company insiders to copy data from its customer support tools for less than 1% of Coinbase’s monthly transacting users and then tried to extort Coinbase for $20 million to cover up the breach.

    “We said no,” Coinbase said in the blog, adding that it fired the compromised employees “on the spot,” referred them to law enforcement, began adding new customer safeguards, and set up a $20 million reward fund for information that leads to the arrest and conviction of the cybercriminals.

    Because the cybercriminals also used the data they stole to contact Coinbase customers while pretending to be Coinbase in order to trick people into handing over crypto, Coinbase said it would reimburse customers who were tricked into doing so.

    In its filing with the SEC, Coinbase said that the cybersecurity incident could cost it between $180 million and $400 million in remediation costs and voluntary customer reimbursements, adding that its investigation into the incident was still underway, so the full impact of the cyberattack was not yet known.

    On May 19, Coinbase Chief Legal Officer Paul Grewal told Bloomberg that the Justice Department is investigating the data breach.

    “We have notified and are working with the DOJ and other U.S. and international law enforcement agencies and welcome law enforcement’s pursuit of criminal charges against these bad actors,” Grewal said, per the report.