Coinbase Hacked and Turns the Tables on the Cybercriminals!

This is how you handle cybercrime digital extortion! Coinbase was compromised by trusted 3rd party partners, which exposed customer data — but customer keys to their assets were still safe. The cyber criminals then attempted to extort $20 million from Coinbase, to keep the attack secret.

Coinbase’s answer: NO! Instead, they are creating a $20 million fund to help catch the attackers — thereby turning the tables on the extortionists!

This is AWESOME! Welcome to the big leagues!

This sends a huge message:

Coinbase takes security seriously and knows never to pay ransomware or other digital extortion. They are following common sense, that so many others ignore: Never give aid to your enemy!
It also signals to other potential criminals that Coinbase is a wasted effort, as they won’t pay. Why would a cybercriminal, who seeks personal financial gain, attack them if extortion is off the table?
By matching the ransom demands as a bounty for the attackers, they now must contend with the greed of their trusted 3rd parties that know who they are. How willing are their ‘friends’ to identify the attackers, for a sweet reward? The hunters now become the hunted. Brilliant!
With the loss of customer name and contact data, there may be some social engineering attacks, but Coinbase has already said they will make customer whole if that happens. Bravo.
Lastly, Coinbase is being transparent — which is exactly the opposite of what the attackers want. They are following the rule I taught my children — never do what the attacker wants, as they have a plan it always ends with them winning!

In cybersecurity we must manage risks. Most think it must be done exclusively with technology tools, but sometimes we can also discourage and dissuade attackers. What Coinbase has done is essentially target the cybercriminal Threat Agents, by using psychological deterrence. Future criminal attackers will not want to be in a position where they waste efforts to only become a target themselves.

This is a playbook for every company out there that is at risk of ransomware or other digital extortion! Craft your defense and response capabilities to be able to respond like Coinbase, in the unfortunate event of a breach.

My absolute congratulations and respect to Coinbase executive leadership: Brian Armstrong CEO, Jeff Lunglhofer CISO, and Philip Martin CSO

All Articles

Coinbase Hacked and Turns the Tables on the Cybercriminals!

Comments

Join The Community Discussion

Read More

(May Week 3 | 2025) Weekly CISO Digest : Top Blogs/Influencer Insights, Data Breaches & Exploits, Vulnerabilities & Patches, Career Developments, Industry-Specific Threats, Security Vendor Highlights

Help Shape The Future Of AI .. Join CISO Survey: Building A Generative AI Use Case Library

(May Week 2 | 2025) Weekly CISO Digest : Top Blogs/Influencer Insights, Data Breaches & Exploits, Vulnerabilities & Patches, Career Developments, Security Vendor Other Noteworthy Developments

CISO FireSide Chat : Cyber Insurance Strategies Every CISO Needs to Know – With Dan Bowden, Global CISO, Marsh McLennan (Mercer, Marsh, Guy Carpenter, Oliver Wyman)

Note: this page contains paid content.

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

CISO Platform Talks : Security FireSide Chat With A Top CISO or equivalent (bi-monthly)

Playbook Round Table - London, Europe | Infosec Europe

Fireside Chat With Rick Doten (VP - Information Security at Centene Corporation)

CISO Meetup at BlackHat Las Vegas 2025