Core Insights - Coinbase is reimbursing users after a data breach that led to an extortion attempt, affecting less than 1% of its monthly transacting users [1][2] - The attackers aimed to gather customer information to impersonate Coinbase and extort the company for $20 million, which Coinbase refused [2] - The breach resulted in the theft of personal information, including names, addresses, phone numbers, emails, and partial Social Security numbers, but did not compromise customer login credentials or funds [3][4] Company Response - Coinbase terminated the employees involved in the breach and plans to pursue criminal charges against them [2] - The company is enhancing customer safeguards, establishing a new U.S. support hub, and increasing investment in cyber threat detection [5] - Instead of paying the ransom, Coinbase is creating a $20 million reward fund for information leading to the arrest and conviction of the attackers [5] Industry Context - The incident follows a report from the FBI indicating a significant rise in cryptocurrency fraud, with reported losses of at least $9.3 billion in the previous year, marking a 66% increase from 2023 [6] - The FBI has notified over 5,400 victims of crypto-related fraud between January 2024 and April 2024, many of whom were unaware of being targeted [6]