Coinbase Hacked and Turns the Tables on the Cybercriminals!

This is how you handle cybercrime digital extortion! Coinbase was compromised by trusted 3rd party partners, which exposed customer data — but customer keys to their assets were still safe. The cyber criminals then attempted to extort $20 million from Coinbase, to keep the attack secret.

 

Coinbase’s answer: NO! Instead, they are creating a $20 million fund to help catch the attackers — thereby turning the tables on the extortionists!

 

This is AWESOME! Welcome to the big leagues!

 

This sends a huge message:

  1. Coinbase takes security seriously and knows never to pay ransomware or other digital extortion demands. They are following common sense that so many others ignore: Never give aid to your enemy!
  2. It also signals to other potential criminals that Coinbase is a wasted effort, as they won’t pay. Why would a cybercriminal, who seeks personal financial gain, attack them if extortion is off the table?
  3. With the ransom demand matched as a bounty on the attackers, the attackers must now contend with the greed of their own trusted 3rd parties who know who they are. How willing are their ‘friends’ to identify the attackers for a sweet reward? The hunters now become the hunted. Brilliant!
  4. With the loss of customer name and contact data, there may be some social engineering attacks, but Coinbase has already said they will make customers whole if that happens. Bravo.
  5. Lastly, Coinbase is being transparent — which is exactly the opposite of what the attackers want. They are following the rule I taught my children: never do what the attacker wants, as they have a plan and it always ends with them winning!

 

In cybersecurity we must manage risks. Most think it must be done exclusively with technology tools, but sometimes we can also discourage and dissuade attackers. What Coinbase has done is essentially target the cybercriminal Threat Agents by using psychological deterrence. Future criminal attackers will not want to be in a position where they waste their efforts only to become a target themselves.

 

This is a playbook for every company out there that is at risk of ransomware or other digital extortion! Craft your defense and response capabilities to be able to respond like Coinbase, in the unfortunate event of a breach.

 

My absolute congratulations and respect to Coinbase executive leadership: Brian Armstrong (CEO), Jeff Lunglhofer (CISO), and Philip Martin (CSO).


CISO and Cybersecurity Strategist
