Arrest follows investigation into $20 million ransom attempt tied to customer data theft
Coinbase CEO Brian Armstrong confirmed that a former employee of the crypto exchange has been arrested in India in connection with a major customer data breach earlier this year. The case highlights the growing risks of insider threats within large financial technology platforms, even those with strong security reputations.
Insider Bribery Led to Customer Data Theft
According to statements from Coinbase leadership, criminals bribed customer service representatives in May to gain unauthorized access to sensitive user information. The compromised data included home addresses, bank account details, and government-issued ID photos. Importantly, no customer funds were stolen during the incident.
After obtaining the data, the attackers attempted to extort the company, demanding $20 million in ransom in exchange for not releasing the stolen information. Coinbase refused to pay and instead escalated the matter to law enforcement agencies.
Armstrong stated that a former Coinbase customer support agent was arrested in Hyderabad, India, with investigations continuing to identify additional individuals involved. He emphasized the company’s zero-tolerance policy toward misconduct and its cooperation with authorities across jurisdictions.
Financial and User Impact
Coinbase disclosed that the breach could cost the company up to $400 million in remediation, legal, and security expenses, making it one of the most expensive crypto-related incidents of 2025. Legal filings indicate that nearly 70,000 users had data compromised as early as December, though the breach was not detected until May.
The incident underscores that human vulnerabilities remain a critical security risk, even for leading digital asset platforms operating at global scale.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.