The US Department of Justice (DOJ) has initiated an investigation into a significant security breach at Coinbase, the largest US-based cryptocurrency exchange. According to sources familiar with the matter cited by Bloomberg, the DOJ’s criminal division in Washington is examining the circumstances surrounding the breach, which has raised serious concerns about cybersecurity within the crypto sector. Coinbase Collaborates With DOJ Amid Major Data Breach Coinbase disclosed that the breach involved criminal actors bribing employees and contractors in India to gain access to sensitive client data. Paul Grewal, Chief Legal Officer of Coinbase, stated: We have notified and are working with the DOJ and other US and international law enforcement agencies and welcome law enforcement’s pursuit of criminal charges against these bad actors. Related Reading: Dogecoin On The Edge: Major Breakout Or Breakdown Imminent? Importantly, the exchange’s CLO clarified that while Coinbase itself is not under investigation, the DOJ is focused on the criminals involved in the breach. The incident first came to light when Coinbase received an email from an unidentified threat actor on May 11, claiming to possess information about certain customer accounts alongside internal documents. The company anticipates losses ranging from $180 million to $400 million due to the cyberattack. $20 Million Reward Fund After Rejecting Ransom While the attackers managed to steal some data, including names, addresses, and email addresses, the exchange confirmed that login credentials and passwords were not compromised. In a statement on May 15, Coinbase reassured its users via social media platform X (formerly Twitter) that it would not succumb to the attackers’ demands. The criminals had requested a ransom of $20 million. Related Reading: Pundit Says XRP Price Will Stabilize At $1,000 And Become ‘Very Expensive’ Instead of paying the ransom, Coinbase announced the establishment of a $20 million reward fund aimed at encouraging information leading to the arrest and conviction of those responsible for the attack. At the close of trading on Monday, the company’s stock (COIN) was trading at $263. Featured image from DALL-E, chart from TradingView.com
The attackers did not access any customer funds, private keys, or login systems, and the breach affected less than 1% of Coinbase users.
Asset prices across markets largely shrugged off surging Inflation expectations, with crypto prices consolidating sideways.
Binance and Kraken were also targets of social engineering attacks targeting Coinbase customer service representatives.
Analysts downplayed the incidents as isolated and non-material to Coinbase's long-term outlook.
Coinbase shares dropped 7% after disclosing a cyberattack and a resurfaced SEC probe on old user metrics.
At a panel at Consensus 2025, TRM Labs' Ari Redbord discussed Coinbase’s response to their recent hack
The investigation began under former SEC Chair Gary Gensler and has continued under the current administration, according to the NYT, which first reported the story.
Never miss a beat with The Block's daily digest of the most influential events happening across the digital asset ecosystem.
Lucas Matheson said Canada risks falling behind as other nations actively shape crypto policies.
Coinbase revealed that it suffered a data breach that affected less than 1% of its active monthly users, according to the May 15 statement. Following the hack, the exchange CEO Brian Armstrong said the perpetrators tried to extort it of $20 million in Bitcoin. How Coinbase was breached According to the exchange, the threat actors […]
The post Coinbase resists $20 million Bitcoin ransom demand after insider-led data breach appeared first on CryptoSlate.
In a 2023 securities filing, Coinbase said it would begin disclosing “monthly transacting users” rather than the “verified users” statistic.
The exchange fired staff involved in the breach on the spot and will press criminal charges.
What is HTTP 402, and why does it matter? The web was not really built with payments in mind, especially not for autonomous agents or machines. But with the rise of AI and decentralized finance (DeFi), the need for seamless, native digital payments has never been more urgent. Coinbase x402 announced a new open protocol designed to let APIs, apps and AI agents pay instantly using stablecoins like USDC (USDC), all via the familiar HTTP protocol.This isn’t just a product update. X402 revives a long-forgotten piece of internet infrastructure and reimagines it for a future powered by agentic systems and crypto.HTTP status codes: A quick refresherUnderstanding HTTP status codes helps clarify how the web communicates behind the scenes. Here are some key ones to know:HTTP 200 — OK: Standard response for successful HTTP requests.HTTP 401 — Unauthorized: Indicates the request requires user authentication; typically used when credentials are missing or invalid.HTTP 403 — Forbidden: The server understood the request, but it refuses to authorize it (often due to lack of permissions or access control).HTTP 404 — Not found: Indicates that the requested resource could not be found.HTTP 402 — Payment required: Originally intended to support digital payments directly within the protocol but left as a “reserved for future use” status code due to the lack of global payment infrastructure at the time.HTTP 500 — Internal server error: A generic error message when the server encounters an unexpected condition.Although the creators of the web imagined a future where online services might request payments directly through the protocol, for decades, no one found a practical use for it. It sat dormant for over 25 years, with no widespread adoption or defined behavior.Today, HTTP 402 is finally coming to life, thanks to Coinbase’s x402 protocol. X402 turns HTTP 402 from a placeholder into a real mechanism. It allows websites, APIs and services to signal that a payment is required before granting access to digital goods or services.Unlike traditional payment systems, which rely on external redirects or complex integrations, x402 enables native, in-protocol payments using stablecoins directly over HTTP.But why do x402 and the activation of HTTP 402 matter?With machine-to-machine interactions, autonomous agents and AI-driven services on the rise, the internet needs a payment layer that is:InstantProgrammableInteroperableTrust-minimized.Activating HTTP 402 positions it as a key enabler for decentralized commerce, autonomous agents and crypto-native applications. It could become as foundational as HTTP 200 or 404 in a future where services charge micro-fees, stream value or sell access dynamically. Coinbase x402: A native payment layer for the web Coinbase’s x402 is an open protocol that allows websites and APIs to request and receive payments in stablecoins directly over HTTP. It works by using the existing HTTP infrastructure and augmenting it with a lightweight payment layer. Here is the step-by-step process for machine-to-machine transactions using the x402 protocol:Client requests a paid resource: A client, such as an AI agent, app, or browser initiates a request to an x402-enabled server (e.g., an API, data set or digital service) that requires payment to access.The server responds with a 402 Payment Required: In response, the server returns an HTTP 402 status code, along with the payment details. This includes the amount to be paid, the supported token (such as USDC) and a payment payload or address to use.Client submits the payment: The client uses its crypto wallet to sign and submit the payment. This happens programmatically — no user interaction is needed, which enables fully automated or agentic payments. It resends the original request, this time including the encoded payment information in an X-PAYMENT HTTP header.The payment is verified and settled onchain: A payment facilitator service, such as Coinbase’s x402 Facilitator, checks the blockchain to verify that the payment has been made and confirmed.The server delivers the resource: Once the payment is validated, the server fulfills the request and returns the data or content. It also includes an X-PAYMENT-RESPONSE header confirming the success of the transaction.In x402, payments happen over standard HTTP using two custom headers: X-PAYMENT and X-PAYMENT-RESPONSE. These headers allow seamless, automated payments between apps, agents and servers — without changing how HTTP works. It’s a simple yet powerful way to enable web-native, machine-to-machine commerce using stablecoins.What makes x402 revolutionary is that it doesn’t require platforms, plugins or third-party integrations. It creates a native payment layer for the web itself, just like HTTPS added security or cookies enabled session management.Did you know? HyperText Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the foundational protocol used to transfer data on the web. What are agentic payments, and why are they important? As AI systems become more advanced, the agentic era has begun. In this new paradigm, software agents, ranging from AI bots to autonomous scripts, are expected to act on behalf of users or even independently. AI agents will need to perform actions like accessing data, subscribing to services or renting compute power. And all of these tasks often require payments.This is where the concept of agentic payments comes in. These are payments made by agents, not humans — fast, automatic and often low-value. Think of a data-scraping AI paying a cent to read a scientific article or a supply chain bot paying fractions of a dollar for live port data.Traditional payment infrastructure wasn’t built for this kind of use case. It falls short because of the below reasons:Built for humans, not machines.Requires logins, manual steps and batch processing.High fees and slow settlement times make them unsuitable for high-frequency, low-value, autonomous transactions.Because of the limitations of traditional payment systems, agentic payments matter for several key reasons:They enable a machine-first economy, where software can transact just like humans.Make real-time AI decision-making possible by removing friction from access to paid services.Pave the way for composable services, where agents can chain together paid APIs and tools autonomously.As discussed, such payments require machine-readable protocols, instant settlement and predictable pricing, all of which x402 enables. It’s a vital step in building a transactional layer for a machine-first internet. x402 vs. traditional payment systems Today’s online payment systems are deeply human-centric. Whether it’s signing up for a subscription, entering credit card information or passing Know Your Customer (KYC) checks, the current infrastructure assumes a person is at the center of every transaction.This design becomes a bottleneck when payments need to be made automatically, in real time and at scale. APIs that want to monetize often face hurdles like creating user accounts, handling fraud, managing disputes and integrating with centralized processors like Stripe or PayPal. These systems are slow, costly and often region-specific.X402 removes these barriers by allowing servers to ask for and receive payment directly through the protocol itself. There’s no need for logins, billing dashboards or delayed bank transfers. The value transfer is embedded into the fabric of the internet, optimized for agents and apps.The contrast between x402 and traditional payment infrastructure is stark. While x402 is protocol-first, built on crypto rails, systems like Visa, Stripe and PayPal are platform-first. X402 enables payments to settle in seconds using onchain transactions, while traditional rails typically settle over one to three business days.Moreover, x402 supports micropayments as small as fractions of a cent, making it viable for high-frequency, low-cost interactions — something that’s infeasible on credit card networks due to fees. It’s also global by design, requiring no currency conversions or regional banking relationships. Chargebacks, fraud risk and intermediary fees are virtually eliminated, thanks to the immutability of onchain transfers.Where traditional systems focus on human users with front-end interfaces, x402 enables machine-native, backend-to-backend monetization.Did you know? You can detect HTTP 402 responses using tools like Sitechecker Pro, which scans your site like a search bot and flags unusual status codes — including payment-related ones. Incumbents’ act: How Visa, Stripe and PayPal are exploring AI-powered payments To be fair, incumbents aren’t ignoring this trend. Visa, Stripe and PayPal have all acted to be in line with the trend and incorporate appropriate changes in their approach.VisaVisa has announced initiatives to allow AI agents to make purchases on behalf of users by linking them to its global payments network. This move aims to facilitate autonomous AI assistants capable of performing shopping tasks, such as managing routine purchases, based on user-defined budgets and preferences.In partnership with Bridge, a stablecoin infrastructure provider, Visa is launching stablecoin-linked Visa cards across multiple countries in Latin America. This collaboration enables users to make everyday purchases using cryptocurrency tokens, with plans to expand to Europe, Africa and Asia in the coming months.StripeStripe has unveiled a new AI foundation model aimed at improving fraud detection and authorization rates. This model, trained on billions of transactions, has significantly increased the detection rate for fraudulent activities, such as card-testing attacks, enhancing the security of its payment systems.Stripe has introduced Stablecoin Financial Accounts, allowing businesses in over 100 countries to hold balances in dollar-backed stablecoins like USDC and USDB. These accounts support global payments and enable firms to manage stablecoins alongside traditional payment methods. PayPalPayPal is set to launch a rewards program offering users a 3.7% annual yield on holdings of its stablecoin, PayPal USD (PYUSD), in PayPal or Venmo wallets. This initiative aims to encourage the adoption and utilization of PYUSD for various transactions, including merchant payments and peer-to-peer transfers.PayPal has expanded its partnership with Coinbase to increase the adoption and utilization of PYUSD. This collaboration focuses on developing stablecoin-based payments and banking solutions, as well as exploring other use cases for PYUSD in DeFi and onchain platforms.Protocols vs. platforms: The distinct approachesWhile Visa, Stripe and PayPal are making significant strides in integrating AI and stablecoins into their services, these companies still operate within walled gardens. They offer services, not protocols. Their infrastructures are:Centralized: Governed by corporate policies and APIs.Permissioned: Access requires onboarding, KYC and platform approval.Closed ecosystems: Where user experience and interoperability are tightly controlled.In contrast, x402 is permissionless and open, allowing any developer to plug into it without needing a merchant account. And the distinction between centralized services and open protocols like x402 will play a crucial role in shaping the future landscape of digital payments, potentially leading to a more decentralized and agent-driven economy. What is x402’s monetization model? One of the most practical use cases for x402 is API monetization. In today’s model, developers must create keys, handle access tiers, and enforce rate limits manually. With x402, APIs can simply respond to unauthenticated requests with a 402, indicating a cost, for example, $0.001 to access a data endpoint.A client can then send the required stablecoin payment and receive the response instantly. This turns APIs into microservices with embedded pricing, enabling fine-grained monetization at the level of individual function calls. It’s a model that fits naturally with both AI workloads and human developers who want to pay only for what they use.Stablecoins like USDC are central to the success of x402 and agentic payments more broadly. Their key benefit is price stability, allowing developers and agents to transact in predictable units without worrying about crypto volatility. That’s critical for applications that operate with tight budgets or usage-based pricing.USDC also offers fast finality, especially on chains like Base, Solana and Ethereum layer 2s, where transfers can confirm in seconds with minimal fees. Its broad support across wallets, APIs and ecosystems makes it a practical choice for integration. Other stablecoins like PYUSD or EURC may become relevant, but USDC’s dominance in DeFi and institutional finance gives it a clear head start. Challenges and opportunities for agentic payments Agentic payments raise important questions around security, like how can bots manage private keys safely? There’s also the issue of abuse — will bad actors flood servers with fake payments or exploit pricing models? Regulatory concerns also loom.But the upside is enormous. The emergence of a machine-to-machine economy has led to a situation where agents transact for data, compute, bandwidth and services without human input. Protocols like x402 are the rails that will power this fast, open and crypto-native economy.Coinbase’s x402 is more than a technical upgrade; it’s a new payment primitive for the programmable web. By bringing crypto payments over HTTP to AI agents and APIs, x402 transforms how the internet handles value. It opens the door to a future where transactions are embedded, automatic and driven by machines, not just people. As the digital economy evolves, protocols like x402 could become the foundation of the new internet, powered by a new-age financial infrastructure.
Coinbase confirmed that cyber criminals bribed some of its offshore customer service representatives to obtain user data.
Data thieves demanded $20 million from Coinbase to not publish stolen customer data. The company has now offered the same amount bountry on the extorters.
The move comes after a former DOGE staffer, Ethan Shaotran, praised the team’s mission and work ethic despite the backlash he faced.
Coinbase is expanding its footprint in the wrapped token space by preparing to release wrapped versions of XRP, Cardano (ADA), Dogecoin (DOGE), and Litecoin (LTC) on its Ethereum Layer 2 network, Base. In a post published on May 13 via its Coinbase Assets X account, the exchange confirmed the upcoming availability of cbXRP, cbADA, cbDOGE, […]
The post Coinbase to launch wrapped XRP, ADA, DOGE, and LTC on Base network appeared first on CryptoSlate.
The following article is adapted from The Block’s newsletter, The Daily, which comes out on weekday afternoons.
The exchange is the first and only crypto company to join the S&P 500 index.
Coinbase is set to join the S&P 500 — a move that could see billions of dollars allocated to COIN, according to analysts at Bernstein.
The company is set to join the broad-market stock index on May 19, replacing Discover Financial.
Coinbase, the largest crypto exchange in the U.S., is set to join the S&P 500, making it the first pure-play crypto firm on the benchmark index.
Coinbase has bitcoin on the balance sheet, but management wants to be clear it's not taking the Michael Saylor/MSTR approach.
The crypto exchange's broadening product suite and dominant U.S. market position set it up well for the long term, many analysts said.
Rumble, the video-sharing platform known for backing alternative media voices, is developing a crypto wallet that could launch by the third quarter of this year. On May 9, Rumble CEO Chris Pavlovski said the wallet will serve as a non-custodial tool tailored for creators. He emphasized the company’s ambition to become a central player in […]
The post Rumble non-custodial Bitcoin wallet to launch in Q3 in challenge to Coinbase appeared first on CryptoSlate.
Coinbase Derivatives will provides round-the-clock futures contracts trading for retail and institutional investors.
One of the world’s largest cryptocurrency exchanges, Coinbase, announced on Thursday that it has agreed to acquire Dubai-based crypto derivatives exchange Deribit, for $2.9 billion, marking the largest deal in the crypto sector to date. Coinbase Expands Global Reach With Deribit The acquisition, announced on Thursday, involves a substantial financial commitment, with $700 million in cash and 11 million shares of Coinbase Class A common stock as part of the deal. The transaction is anticipated to close by the end of the year, a timeline that has already positively impacted Coinbase’s stock, with shares rising more than 5% toward the $206 mark following the announcement. Related Reading: Ethereum ‘Extremely Undervalued Against BTC’ – Supply Pressure May Delay Recovery Greg Tusar, Coinbase’s vice president of institutional product, emphasized the strategic importance of the deal, stating that it enhances Coinbase’s ability to compete with major players like Binance. While Coinbase dominates the US market for cryptocurrency trading, it has historically held a smaller share in the global arena, where a significant portion of trading activity occurs on Binance. Acquisition Highlights Deribit has established itself as a powerhouse in the crypto derivatives space, facilitating over $1 trillion in trading volume last year and boasting approximately $30 billion in current open interest on its platform. “We’re excited to join forces with Coinbase to power a new era in global crypto derivatives,” said Deribit CEO Luuk Strijers in a statement. He highlighted that this acquisition will not only accelerate the growth of both companies but also provide traders with enhanced opportunities across various trading products, including spot, futures, perpetuals, and options, all under the Coinbase brand. Tusar noted that Deribit’s consistent track record of generating positive adjusted EBITDA is a key factor in the acquisition, suggesting that the combined entity will likely see increased profitability. “One of the things we liked most about this deal is that it’s not just a game changer for our international expansion plans — it immediately diversifies our revenue and enhances profitability,” he told CNBC. Related Reading: Cardano Approaches Critical Resistance – Break Above Could Trigger Move To $0.80 This acquisition comes at a time when the cryptocurrency industry is benefiting from a supportive regulatory environment, with President Donald Trump’s administration taking a pro-crypto stance. This regulatory tailwind has fueled an increase in mergers and acquisitions within the sector. For instance, in March, US-based crypto exchange Kraken announced its acquisition of NinjaTrader for $1.5 billion, and last month Ripple Labs agreed to buy prime broker Hidden Road. Featured image from DALL-E, chart from TradingView.com
The crypto exchange cited a drop in crypto prices as a result of U.S. President Donald Trump’s tariff policy and macroeconomic uncertainty as the reason behind the weak quarter.
The acquisition makes Coinbase the largest crypto derivatives platform and a credible rival to Binance.