In May 2025, Coinbase, a leading U.S.-based cryptocurrency exchange, experienced an insider attack where attackers demanded $20 million for sensitive customer data. Coinbase refused to pay and instead offered a $20 million bounty for information on the attackers. The breach involved support employees who were bribed to steal customer records, raising concerns about Coinbase's data security practices, including alleged lax measures such as paying low wages to foreign call center workers with full data access. The incident could result in up to $400 million in customer compensation costs for Coinbase. The attack exploited social engineering tactics, including fake support calls guiding users to provide scam mnemonic phrases, leading to asset theft. Following the breach, hackers moved $42.5 million in Bitcoin through THORChain, a decentralized liquidity protocol known for capital efficiency and native asset swaps, in a suspected laundering attempt. THORChain continues to demonstrate high-volume decentralized swaps, including a notable 188.3 BTC transaction, and supports cross-chain swaps involving assets like XRP, BTC, and ETH. The breach underscores the vulnerabilities of crypto exchanges to insider threats and traditional bribery tactics, highlighting risks in the virtual asset trading sector.