Cryptocurrency exchange Coinbase announced on Thursday that hackers had stolen customer data and demanded a ransom of $20 million to keep the information private.
The group of cybercriminals reportedly convinced a small number of offshore customer support agents to copy data from support tools in exchange for payment, according to Coinbase’s blog post.
The criminals aimed to use this data to reach out to customers and potentially deceive them into providing cryptocurrency.
As the largest cryptocurrency exchange in the U.S., Coinbase refused to pay the $20 million demanded.
“Rather than succumbing to this ransom demand, we’re offering a $20 million reward for information that leads to the arrest and conviction of those involved,” Coinbase CEO Brian Armstrong stated in a video posted on social media. “For anyone trying to harm Coinbase customers, we will take legal action to ensure justice is served.”
Though less than 1% of customer data was compromised, it included names, addresses, phone numbers, email details, images of government IDs, and account information. However, only the last four digits of Social Security numbers and bank account numbers were visible, while login credentials and private keys remained secure and inaccessible.
“The attackers seek this information to masquerade as Coinbase support and perform social engineering attacks to extract funds from customers,” Armstrong explained.
Coinbase indicated that affected customers could be reimbursed, and flagged accounts might undergo further identity verification for larger withdrawals.
In a filing with the Securities and Exchange Commission, Coinbase projected that expenses related to remediation and voluntary customer reimbursements would range from $180 million to $400 million.
