Brian Armstrong, co-founder and chief executive officer of Coinbase, has publicly thanked the Hyderabad Police for arresting a former Coinbase customer service agent allegedly involved in a massive cybercrime operation linked to a $400 million data breach and extortion scheme.

In a post on social media, Armstrong said Coinbase maintains “zero tolerance for bad behaviour” and will continue to cooperate with law enforcement agencies worldwide. “Thanks to the Hyderabad Police in India, an ex-Coinbase customer service agent was just arrested. Another one down and more still to come,” he wrote.

Arrest linked to major data breach

The arrest follows a cyberattack that hit Coinbase earlier this year, during which account data belonging to a “small subset” of customers was compromised. The company later confirmed that the breach was facilitated by a group of rogue overseas customer support agents who were allegedly bribed by hackers.

According to Coinbase, the attackers aimed to extort the company and deceive customers by exploiting internal access held by compromised support staff. A company spokesperson has confirmed the arrest made by the Hyderabad Police.

What data was compromised

Coinbase disclosed that the stolen data included customer names, addresses, phone numbers and email IDs. In some cases, masked Social Security numbers (last four digits), masked bank account numbers, government-issued identity images such as passports or driving licences, account balances and transaction histories were also accessed.

The company clarified that critical infrastructure, including Coinbase Prime systems and hot or cold crypto wallets, was not impacted by the breach.

Global investigation underway

A report by Bloomberg said Coinbase has also filed charges against a man from Brooklyn accused of running a long-standing impersonation scam targeting Coinbase users. The investigation spans multiple jurisdictions, reflecting the global and coordinated nature of the cybercrime network involved.

Coinbase estimates that the incident could cost the company between $180 million and $400 million, covering remediation, customer reimbursements and security upgrades.

Strong message on accountability

Armstrong’s public acknowledgement of Indian law enforcement underscores the growing role played by Indian cybercrime units in tackling global digital fraud. Legal and cybersecurity experts say the case highlights how insider threats, particularly in customer support roles, are emerging as a serious risk for tech and financial platforms.

The arrest also sends a strong message that cross-border cybercrime, even when facilitated by insiders, will not escape scrutiny as international cooperation between companies and law enforcement agencies intensifies.