Coinbase Investigation Launched After Hackers Stole User Data

One day after its S&P 500 listing, the US-based crypto exchange is facing a scandal that can shake customer and investor trust. Coinbase has reportedly been hacked, and user data has been compromised.

However, the attack type puts Coinbase under question. The US Department of Justice launched a probe to investigate the hack, find the perpetrator, and estimate the damage.

With a $20 million ransom demanded, will the Coinbase investigation affect the company’s surging stock price? How did the management react to this news? Let’s find out.

Why is Coinbase Under Investigation?

On Monday, 19 May, the United States Department of Justice initiated a criminal investigation into a recent data breach at Coinbase, the largest US-based cryptocurrency exchange.

The probe focuses on the cyberattack that occurred on 15 May 2025, during which hackers accessed sensitive customer information by bribing support staff.

If confirmed, this would impact user confidence since it regards the misuse of customer data and confidentiality. While the DOJ has not publicly commented on the search, sources indicate that the focus is on the cybercriminals responsible for the breach rather than the firm.

Coinbase assured its full cooperation with the DOJ and other law enforcement agencies, emphasizing its commitment to pursuing criminal charges against the perpetrators.

Coinbase Hacks

The recent cyberattack on Coinbase was carried out on 15 May, as the company stated in a post on X. The hacker employed and bribed overseas support agents to gain unauthorized access to internal infrastructure and user data.

While sensitive data such as passwords and crypto wallets’ private key details were not compromised, personal data, including email addresses, partial Social Security numbers, and transaction history, may have been leaked.

Coinbase is not new to dealing with security threats. In 2021, more than 6,000 users were affected through a series of breaches in which attackers took advantage of a gap in multiple-factor authentication.

Furthermore, phishing attacks directed at Coinbase users have increased, where hackers employ social engineering to get users to expose passwords. Such continuous breaches have put Coinbase in the spotlight, and questions about its operational security have been raised.

Coinbase Investigation: Managerial Reaction

The management posted a quick reaction to the incident, with the CEO addressing users in a video recording on X. Brian Armstrong responded to the demanded ransom of $20 million worth of Bitcoin by putting up a bounty of the same amount for any information that could lead the company to the attacker(s).

Additionally, the exchange said it had terminated involved contractors and is collaborating with law enforcement agencies to identify and prosecute the individuals responsible.

Coinbase’s Chief Legal Officer, Paul Grewal, promptly commented on the Coinbase fraud investigation, confirming the reports and offering assistance to the ongoing search.

“We have notified and are working with the DOJ and other US and international law enforcement agencies and welcome law enforcement’s pursuit of criminal charges against these bad actors,” said Paul Grewal.

Experts estimate that this incident may cost the company $400 million in resolving gaps, compensating damaged users, and legal formalities.

Concluding Thoughts

The Coinbase probe by the DOJ highlights increasing cybersecurity concerns within the cryptocurrency sector. The episode is not just of critical importance to today’s users and businesses in the DeFi sector but also to traditional financial companies considering investing in decentralized finance as well as blockchain FinTech players.

As digital assets become more mainstream and institutional interest is on the rise, ensuring the protection of user data and internal infrastructure remains paramount.