Coinbase breach fallout spreads, arrest made in India

The fallout from one of crypto’s most high-profile security breaches has gone international. Coinbase Chief Executive Officer Brian Armstrong said a former customer service agent was arrested in India, months after hackers bribed support staff to gain access to sensitive customer information at the largest U.S.-based crypto exchange.

The arrest stems from a breach disclosed in May, according to Bloomberg News. Coinbase revealed that attackers had paid contractors or employees outside the United States to steal customer data and then attempted to extort the company for $20 million. At the time, the San Francisco-based exchange warned the incident could cost as much as $400 million to remediate, making it one of the most expensive security episodes in the crypto industry to date.

A Coinbase spokesperson confirmed the arrest in India and said it followed cooperation with U.S. law enforcement, including recent work with the Brooklyn District Attorney’s Office. In a related case, prosecutors charged a Brooklyn man accused of running what authorities described as a “long-running impersonation scheme targeting Coinbase customers,” underscoring how compromised data can fuel downstream fraud long after an initial breach.

The incident highlights a persistent vulnerability for crypto platforms: human access points. While exchanges have invested heavily in technical safeguards, attackers increasingly exploit customer support channels, particularly when outsourced overseas, to bypass more sophisticated defenses.

Investors appeared largely unfazed but cautious. Coinbase shares fell about 1.2% to $236.79 on Friday, extending the stock’s year-to-date decline to roughly 4.6%. Still, the case serves as a reminder that as crypto firms push toward mainstream adoption, operational security—and oversight of third-party contractors—remains as critical as code.