Coinbase Faces DOJ Probe Over Insider Data Breach

4h ago•

bullish:

bearish:

The U.S. Department of Justice (DOJ) has launched a criminal investigation into a recent data breach at Coinbase that involved attackers bribing overseas contractors, according to a Bloomberg report published May 19, citing a source familiar with the matter.

Due to the incident which Coinbase revealed on May 15, authorities are now reviewing the case after it was discovered that attackers broke into the cryptocurrency exchange’s Indian support system using third-party contractors.

The suspects allegedly paid these contractors to gain entry to internal systems, where they could steal information from customers and pretend to work for the company in fraud attempts.

Coinbase Cooperates With DOJ and Global Authorities

Coinbase Faces DOJ Probe Over Insider Data Breach

Paul Grewal, who serves as chief legal officer at Coinbase, stated that the company is supporting the federal authorities. Coinbase is supporting the DOJ and supporting other law enforcement agencies both in the U.S. and overseas as they investigate.

A company representative refused to comment further, but the involvement of the DOJ is a strong sign this could be the most serious insider breach ever seen in cryptocurrency.

Coinbase has confirmed that just 1% of its monthly active users had their names, contact details, identity documents and partially hidden financial data accessed by the attackers. The company confirmed that its key systems were still safe and had not been compromised.

Coinbase Refuses $20M Ransom Demand

The data breach made it possible for the hackers to carry out phishing and scamming schemes that granted them access to customer accounts without permission. At a press conference, Coinbase CEO Brian Armstrong shared that the hackers demanded a sum of $20 million in Bitcoin from the company.

https://t.co/evpIBMFvRW pic.twitter.com/f6UPdkL5R0

— Brian Armstrong (@brian_armstrong) May 15, 2025

The organization failed to comply and announced a reward of $20 million for anyone who reported and helped implicate the attackers. Coinbase stated in a Form 8-K filing with the SEC that it was still working on gauging the overall loss resulting from the incident.

Based on initial estimates, the company might have to cover between $180 million and $400 million in charges for fixing the problem and refunding customers. Everyone who was affected has supposedly been let go and Coinbase has promised to help them recover their losses.

DOJ Probe Highlights Crypto Insider Risks

Independent researcher ZachXBT pointed out that Coinbase users have suffered more than $300 million in damages annually because of phishing and social engineering.

10/ So where does the blame lie?

a) For the vast majority of the time these theft addresses are not being reported at all by Coinbase in popular compliance tools even after the thefts went on for weeks.

b) Multiple victims who have contacted me get stuck with useless customer… pic.twitter.com/ssYL2wN5iO

— ZachXBT (@zachxbt) February 3, 2025

It was revealed that there has been a rise in scammers making individuals believe they are from Coinbase in order to steal their seed phrases through trickery. With the DOJ joining the probe, it shows that there are greater worries about insider risks and cybersecurity issues in the crypto space.

The recent Coinbase breach comes as yet another example in a growing list of security incidents, encouraging calls for better third-party controls and harsher oversight from regulators.

Conclusion

The DOJ investigation proves that crypto companies are more at risk of insider attacks. Rising losses, increased government attention, and discernible risks to users point to the real need for additional safeguards at home, supervision by others, and worldwide cooperation to secure digital assets in a rapidly developing area of risk.