The company received an email from an unknown threat actor on Sunday, claiming to have information about certain customer accounts as well as internal documents.
While some data – including names, addresses and emails – was stolen, the hackers did not get access to login credentials or passwords, Coinbase said. It would, however, reimburse customers who were tricked into sending funds to the attackers.
Hackers had paid multiple contractors and employees working in support roles outside the US to collect information. The company had fired those involved, it said.
Separately, the US Securities and Exchange Commission (SEC) had begun scrutinising whether Coinbase had misstated its user figures, two sources familiar with the matter told Reuters.
