Coinbase, a leading cryptocurrency exchange, has rejected a ransom demand of $20 million following a data breach involving a small group of support agents. These insiders exploited their access to steal account data from less than 1% of the exchange’s monthly transacting users in a phishing scheme. Coinbase assured users that no passwords, private keys, or funds were compromised. After obtaining the data, the attackers attempted to extort Coinbase for the ransom, which the company declined. Instead, Coinbase announced it would allocate a $20 million reward for information that leads to the arrest and conviction of those responsible for the breach. The incident highlights the ongoing risks of social engineering attacks within the crypto space, where cyber criminals often impersonate trusted brands to exploit victims.

Source 🔗