One per cent of users of the US cryptocurrency exchange Coinbase had their data stolen in a cyberattack targeting the firm's overseas customer support agents, causing damage to the company estimated at between $180 million and $400 million, according to the firm.
The company revealed that the hackers reached out to a small group of employees overseas and tricked them into copying data from its customer support tool related to less than one per cent of users who complete monthly transactions on Coinbase.
With that data in their hands, they pretended to be Coinbase to convince customers to hand over their cryptocurrencies.
They then attempted to extort £20 million from Coinbase to cover it up.
The largest cryptocurrency exchange in the US said it is cooperating with law enforcement to seek severe punishment for those responsible, with the company refusing to pay the ransom.
Instead, the company has set up a £20 million fund for anyone who provides information leading to the arrest and conviction of the criminals responsible for the attack.
“Instead of funding criminal activity, we have investigated the incident, reinforced our controls, and will reimburse customers impacted by this incident,” said Coinbase.
The crypto exchange confirmed that the stolen data includes images of government ID documents, account data such as balance snapshots and previous transaction history, and masked bank account numbers.
The criminals did not gain access to login credentials or 2FA codes, private keys or any ability to move or access customer funds.
The company added that it has implemented additional security measures for customers, such as additional identity checks for large withdrawals and mandatory scam awareness alerts.
It is also opening a new support centre in the US and adding more rigorous security controls and monitoring across all locations, while increasing investment in internal threat detection capabilities.
Coinbase warned customers about the evolving capabilities of hackers, cautioning them to expect imposters and advising them to adopt a number of practices, including enabling strong two-factor authentication (2FA).
According to a report by blockchain analysis firm Chainalysis, funds stolen through hacker attacks on cryptocurrency platforms totalled $2.2 billion in 2024, marking the fourth consecutive year that such attacks exceeded $1 billion.