A data breach at Coinbase has been confirmed, with attackers bribing customer support agents for access to user information. The incident, which affected fewer than 1% of monthly transacting users, did not expose passwords, private keys, or funds. Coinbase responded by offering a $20 million reward fund for information leading to the arrest and conviction of those responsible. The attack saw hackers target Coinbase’s global customer support, gaining access to sensitive data including names, addresses, phone numbers, email addresses, masked Social Security numbers, bank account identifiers, government ID photos, and transaction histories. Attackers also accessed sanctioned corporate data such as reports, training materials and communications. Despite this, the company confirmed that no fundamental information categories were violated. Coinbase CEO Brian Armstrong publicly confronted the attackers, rejecting their ransom demands and vowing to pursue legal action against them.