The fallout from a major security breach at Coinbase has taken an international turn with the arrest of a former customer service agent in India. Coinbase CEO Brian Armstrong confirmed the arrest on social media, stating it followed cooperation with U.S. law enforcement, including the Brooklyn District Attorney’s Office.
The arrest is connected to a breach disclosed in May, where hackers bribed support staff—contractors or employees located outside the United States—to gain access to sensitive customer information. The attackers subsequently attempted to extort a $20 million ransom from the exchange. At the time, Coinbase warned that the incident could cost as much as $400 million to remediate, positioning it as one of the most expensive security episodes in the crypto industry's history.
The breach has been linked to broader fraud schemes. In a related case, prosecutors charged a Brooklyn man accused of running a "long-running impersonation scheme targeting Coinbase customers," highlighting how compromised data can fuel downstream fraud long after the initial incident.
Armstrong emphasized the company's stance, writing, "We have zero tolerance for bad behavior and will continue to work with law enforcement to bring bad actors to justice." The arrest was made by the Hyderabad Police in India.
The incident underscores a persistent vulnerability for crypto platforms: human access points. While exchanges invest heavily in technical safeguards, attackers are increasingly exploiting customer support channels, particularly when outsourced, to bypass sophisticated defenses.
Investor reaction was measured but negative. Coinbase shares fell about 1.2% to $236.79 on the day of the announcement, extending the stock's year-to-date decline to roughly 4.6%.
