Coinbase, a prominent cryptocurrency exchange, encountered a major data breach on May 11, 2025, leading to an extortion attempt and potential financial losses of up to $400 million. The incident underscores the ongoing cybersecurity challenges within the cryptocurrency industry, coinciding with Coinbase’s imminent inclusion in the S&P 500 index. Coinbase’s $20 million reward for information regarding the attackers stands as a testament to their proactive security measures. Following a threatening email indicating compromised customer account data, Coinbase’s leadership, led by Philip Martin, firmly refused any negotiations with the attackers. The company took swift action by terminating employees impacted by the breach and implementing enhanced security controls. Coinbase shares fell 3% during pre-market trading, reflecting market uncertainty surrounding this breach. This incident coincides with a critical period as Coinbase gears up for its S&P 500 inclusion. The potential financial losses are estimated between $180 million to $400 million. Coinbase is committed to compensating affected customers and collaborating with law enforcement on the investigation. The recent data breach echoes trends observed in past attacks, such as the Bybit hack. This incident has highlighted the vulnerability of cryptocurrency firms to cyberattacks. Analysts suggest that these breaches may lead to intensified cybersecurity measures across the industry, including greater collaboration with law enforcement and stricter customer protection strategies.