Earlier this month, Coinbase, the largest cryptocurrency exchange in the United States, disclosed that it had fallen victim to a recent cyber attack. This breach impacted over 69,000 users, as confirmed by the company in a filing with Maine’s attorney general.

In the breach notification submitted to the Office of Maine’s Attorney General, Coinbase reported that hackers accessed both customer and corporate data, affecting a total of 69,461 individuals. The company stated that the breach resulted from a “small number of individuals” working at overseas retail support locations who improperly accessed customer information.

Following the discovery of this breach, Coinbase terminated these individuals’ employment. Coinbase identified the data breach on May 11, although it occurred in late December of the previous year.

The company has been proactive in communicating with affected customers through a notification letter outlining the incident. Additionally, Coinbase has committed to reimbursing customers who inadvertently sent funds to the attackers as a result of the breach, pending further investigation.

The cybercriminals managed to steal sensitive information, including names, addresses, phone numbers, email addresses, as well as masked security and bank account numbers, account balances, transaction histories, and some internal documents. However, login credentials, two-factor authentication codes, private keys, and user funds were not compromised.

The attackers demanded a $20 million ransom for the deletion of the stolen data, which Coinbase refused to pay. Instead, the exchange has offered a bounty of the same amount for information leading to the apprehension of those responsible.

Coinbase has urged its customers to adopt security measures such as enabling withdrawal allow-listing and strong two-factor authentication. The company is actively collaborating with law enforcement to track down the perpetrators of this breach.