Corrupt agents infiltrate Coinbase, $20M offered for their capture

Only just added to the prestigious S&P 500, Coinbase is facing an internal corruption scandal. The world’s third-largest crypto platform has just fallen victim to a $20 million extortion attempt, orchestrated by cybercriminals who recruited its own overseas support agents to steal customer data.

The anatomy of betrayal: when guards become thieves

Cybercriminals managed to infiltrate Coinbase by bribing support agents abroad, exposing the data of thousands of users. This strategy demonstrates that even the most sophisticated security protocols can be circumvented by human corruption.

To pull off their scheme, the attackers contacted support agents over several months, luring them with cash offers to gain privileged access to customer information.

Once they had the data, they attempted to extort $20 million in bitcoin from the platform, threatening to publicly disclose the security flaw.

The impact, although limited to less than 1% of monthly active users, remains significant. No passwords or private keys were compromised, but the personal data exposed enabled criminals to launch targeted phishing campaigns.

This breach raises fundamental questions about the security of outsourced operations, particularly when foreign subcontractors have access to sensitive information.

Coinbase offers $20M to track down hackers

Coinbase categorically refused to pay the ransom. Rather than give in to blackmail, the platform is offering a $20 million bounty for the capture of those responsible.

The price to be paid goes far beyond the $20 million demanded by the hackers. Coinbase is set to pay between $180 million and $400 million in total. This sum is divided between the full reimbursement of customers scammed through phishing and the complete rebuilding of its security systems.

To regain trust, Coinbase is deploying a contingency plan including the repatriation of support operations, reinforcement of security protocols and a warning campaign to users.

For Coinbase, recently integrated into the S&P 500, the affair could affect its stock market valuation and credibility with institutional investors, especially since social engineering scams already cost the platform’s users over $300 million a year.