Coinbase has forecast a potential loss of up to $400 million following a cyber-attack that compromised account data for a subset of its customers. The breach involved insider access by overseas contractors and employees, who were paid by attackers to gather internal system data. While login credentials weren’t stolen, sensitive personal information was accessed, and some users were deceived into sending funds — for which Coinbase has pledged reimbursement.

Despite refusing to pay the attackers' $20 million ransom, Coinbase is now offering a $20 million reward for information — a strong stance, but one that highlights the growing need for proactive defense over reactive response.

With over $2.2 billion stolen from crypto platforms in 2024 alone, and attacks rising for the fourth consecutive year, this event reinforces that cybersecurity must be deeply integrated, combining real-time threat detection, insider risk monitoring, and post-incident forensics to prevent future breaches and protect customer trust.

This incident underscores the critical importance of robust network security, particularly for high-value targets in the crypto space. Advanced network monitoring could have flagged unauthorized internal data access sooner, while deep forensic capabilities are essential to trace the breach origin, assess the full impact, and identify insiders involved. Read more about this story on our LinkedIn page