Coinbase’s recent security breach, which stemmed from a social engineering attack, has highlighted a broader problem facing the industry: how to balance cost-effective customer support with the need for strict security when handling sensitive financial data. Here’s how the Coinbase scams unfolded and what they mean for crypto exchanges moving forward.
On May 15, Coinbase revealed a major security breach caused by a social engineering attack in which its overseas customer support contractors were bribed by cybercriminals and leaked sensitive internal data. This data was later used to trick some Coinbase customers into sending funds to the attackers. The exchange has committed to a full refund for all affected users.
He was likely a victim of this data breach. I’ve received many calls from scammers pretending to be Coinbase. The scam is roughly like this:
1) They text/call you to tell you that your Coinbase account has been compromised
2) How much… Pretend to be a bunch of personal information verification, including https://t.co/7milfdihxf – QW (@qwqiao) May 15, 2025
The incident began unfolding on May 11, when Coinbase received an email from an unknown threat actor who claimed to have obtained sensitive customer account details and internal company documents. The attackers demanded a $20 million ransom in Bitcoin (BTC) to keep the breach secret. Coinbase rejected the demand and instead announced a $20 million bounty for information leading to the arrest of those responsible.
On May 15, Coinbase filed an 8-K disclosure with the Securities and Exchange Commission, saying that rogue contractors had accessed and exfiltrated data on a small subset of users, 1% of Coinbase’s monthly trading clients, by abusing their access to internal systems. Passwords, private keys, and funds remained secure and were not compromised, but the exposed information included names, email addresses, phone numbers, masked bank details, account balances, government ID images, and the last four digits of Social Security numbers. The company also estimated that remediation and reimbursement costs would range between $180 million and $400 million.
Coinbase has taken corrective actions, including firing the individuals involved and pledging to refund affected customers, but the incident sparked a heated debate about its reliance on low-cost overseas labor for customer support.
The prevailing argument on X was that exchanges should not hire low-wage third-party contractors outside the US, and should instead bring support operations in-house and pay living wages. One user gave a sharp summary of the sentiment. “Don’t hire fraudulent international support agents. Rather than outsource support to the third world, hiring Americans and managing billions of customer funds,” he said.
Others countered that bribery and insider threats are not limited by geography or wage scales. One user said, “It may help, but it’s not something that Americans are not exposed to: 1 (personal) threat
Another common concern was how much customer data support agents, wherever they are located, have access to in the first place. As one user wrote, “Yes, but American supporters shouldn’t even be able to get my driver’s license.”
The main thing that everyone seemed to agree on is that when it comes to crypto, customer support needs to be handled more carefully. As one user said:
“Financial institutions and cryptos are not particularly different to retail and DoorDash support. You’re dealing with people’s money and sometimes their financial future.”
The breach and the discussion around it highlight the tough balancing act Coinbase must manage between reducing costs and keeping customer data safe.
Like other large tech companies, Coinbase and other crypto platforms rely heavily on outsourced customer support to handle large volumes of user inquiries. Countries such as India, the Philippines and parts of Africa are popular destinations for this type of outsourcing, thanks to their lower labor costs and a wide pool of English-speaking talent. In a 2017 blog post, CEO Brian Armstrong himself acknowledged the strategy, saying the company “spun up outsourced support facilities” to meet the burgeoning demand.
Coinbase said it will open a new support hub in the US after the incident and implement stronger security controls and monitoring across all of its locations. This brings the company in line with the concerns users have voiced, but leaves broader questions about how crypto platforms can keep customer support secure without losing control over costs.


