Coinbase (NYSE: COIN), the largest crypto exchange in the U.S., has disclosed a data breach which was ongoing since January and could cost the company up to $400 million. Here’s everything we know about the hack and what it means for Coinbase and its users.
How Did the Coinbase Data Hack Occur?
Most major cybersecurity incidents are caused by human error of some kind and, in some rare occasions, insiders are bribed to steal information or help attackers infiltrate the system. In its blog, Coinbase said that the hackers bribed its overseas customer support agent in India to copy data in its customer support tools.
“What these attackers were doing was finding Coinbase employees and contractors based in India who were associated with our business process outsourcing or support operations, that kind of thing, and bribing them in order to obtain customer data,” said Coinbase Chief Security Officer Philip Martin.
The company said that the data of less than 1% of its monthly transacting users has been breached in the hack and the following data have been breached.
- Personal details like names, address, phone number, date of birth, and nationality
- Masked Social Security Numbers
- Images of government IDs, like driving license
- Masked bank account numbers with some identifiers
- Coinbase account data, like transaction history
Coinbase however said that sensitive information like login credentials and private keys have not been breached. It emphasized that the hackers don’t have the ability to access and move customer funds. The company also said that the hackers did not gain access to Coinbase Prime accounts, which is its offering for institutional clients.
How Does the Coinbase Hack Impact Users?
While hackers don’t have access to the affected users’ accounts since login credentials like passwords and 2FA codes have not been breached, there is a risk that they might impersonate the company to gain access to their accounts.
While the company has cautioned users against imposters and advised them against sharing confidential information like passwords, it reassured users by saying it will reimburse them if they were tricked into transferring funds due to the attack.
What Makes the Coinbase Hack So Significant?
Coinbase expects the breach to cost it between $180 million and $400 million, which may not sound that bad for a company worth over $67 billion, but it will likely be nothing short of devastating. The breach has far-reaching implications not only for Coinbase but for the industry.
Crypto exchanges have been quite vulnerable to breaches and hacks over the years. Last year, $2.2 billion was stolen by hacking crypto platforms per blockchain analysis firm Chainalysis. Coinbase has been seen as an island of safety before the recent hack. It’s the first publicly traded crypto exchange and has been the face of the industry, lobbying for enabling regulations with US lawmakers. The exchange also safeguards the bulk of the over $120 billion in spot bitcoin ETFs, acting as a custodian for 8 of the 11 such ETFs.
The company calls itself the “foundation of the spot ETF movement” and says it has “zero tolerance for errors.” The revelation of the breach might not have come at a worst time as Coinbase is set to join the S&P 500 Index on May 19 replacing Discover Financial Services. Coinbase’s inclusion in the world’s most popular index is no small feat and is testimony to the mainstreaming of cryptocurrencies.
While the monetary loss for Coinbase looks quite manageable, the company’s reputation has been severely impacted. To be sure, Coinbase has tried to be on the correct side of the law by refusing to pay the extortion money and has instead set up a $20 million reward fund “for information leading to the arrest and conviction of the criminals responsible for this attack.”
Human Error Is the Biggest Factor Behind Cybersecurity Breaches
Human error is the biggest factor behind cybersecurity, multiple studies have shown. While company insiders are behind the bulk of data breaches, many of these breaches are caused by mistakes rather than malicious intent.
According to an IBM study, breaches involving malicious company insiders are the costliest and such attacks cost over $8 million on average. Separately, a Verizon report showed that while 200 million records are compromised on an average when an external threat actor is involved, the number swells to 1 billion when insiders are involved.
Verizon’s 2025 Data Breach Investigation Report finds that there were 825 incidents of cyberattacks involving privilege misuse last year wherein there were confirmed data disclosure in 757 cases. 90% of the threat actors in these cases were insiders. Financial motives were behind 89% of these attacks while in some cases it was driven by grudge, fun, and ideology.
COIN Stock Is Undeterred
Meanwhile, Coinbase stock has recouped its losses post the revelation of the data breach and is up sharply since. However, the breach is yet another reminder that companies need to take data protection and privacy a lot more seriously.