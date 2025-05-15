Coinbase CEO Brian Armstrong said in a social media post Thursday that a ransom note arrived via email asking for $20 million in Bitcoin in exchange for not releasing information hackers had obtained on Coinbase’s customers.

“I’m going to respond publicly,” Armstrong said. “We are not going to pay ransom.”

Armstrong said attackers had found a “weak link” customer service agent outside the U.S. who accepted a “bribe” and gave away personal data on customers.

In a company blog post, Coinbase said it will reimburse customers tricked into sending funds to the attacker. Hackers received access to names, addresses, phone numbers, and emails; masked Social Security numbers (last four digits only); masked bank‑account numbers; and government‑ID images (driver’s licenses, passports). No passwords or private keys were obtained, the company says. The email arrived on Sunday.

“(The stolen data) allows them to conduct social engineering attacks where they can call our customers impersonating Coinbase customer support and try to trick them into sending their funds to the attackers,” Armstrong said.

Per the AP, Coinbase estimated in a filing with the SEC that it could end up spending anywhere between $180 million and $400 million “relating to remediation costs and voluntary customer reimbursements relating to this incident.”

Meanwhile, the New York Times reports that the SEC is separately investigating Coinbase over whether or not it reported inaccurate numbers during its IPO in 2021. The company claimed to have more than 100 million “verified users” in marketing materials.

Coinbase’s stock dropped 7% on Thursday after the news, per Yahoo.

