Cryptocurrency exchange Coinbase warned that the recent cyber attack would cost $400 million (£301 million) to resolve.

The company said the company gained access to customer information by paying Coinbase contractors and employees.

In a blog post, Coinbase said criminals have obtained “less than 1%” of their customer data, which they then use to mimic companies and trick people into handing over cryptocurrencies.

The group then asked Coinbase’s $20 million to keep quiet—but it refused to pay the bribe, instead promised to repay everyone who was cheated.

Disclosures prompted the company's share price to fall 4.1%.

Cyberattacks are days before U.S. companies intend to join the benchmark S&P 500, a milestone moment for the cryptocurrency industry.

It also reflects how the industry is increasingly targeting cybercriminals.

A report from research firm Chainalysis shows that funds from the cryptocurrency business totaled $2.2 billion in 2024.

"Although cryptocurrencies are increasingly accepting challenges from the cryptocurrency industry," said Nick Jones, founder of crypto company Zumo.

“As our new industry grows rapidly, it attracts the eyes of bad actors who are becoming more and more complex within the attack range.”

The company said it received emails from "Unknown Threat Actors" on May 11.

"We will repay customers who have been tricked into sending money to attackers," it said in a statement.

“We are working closely with law enforcement to seek the toughest fines and will not pay the $20 million ransom requirement we received.

“Instead, we are building a $20 million reward fund that will lead to arrest and conviction of criminals in this attack.”

In filings with the U.S. Securities and Exchange Commission, the estimated cost is between $180 million and $400 million.

It said that the figure comes from “remedial costs and voluntary customer reimbursement”, but that figure may change due to “potential losses, compensation claims and potential recovery rates.”

Staff who shared customer information with hackers have been fired.

Coinbase tells its customers that expect further attempts from scammers in the future and advises them to stay alert.

It says: "Coinbase will never ask for your password, 2FA code, or you transfer assets to a specific or new address, account, vault or wallet."

It warns customers that if they are suspicious, they should lock their accounts.

"We are sorry for the concerns and inconveniences caused by this incident," it said.

“When problems arise, we will continue to have problems.”