This story was originally published on Banking Dive . To receive daily news and insights, subscribe to our free daily Banking Dive newsletter .

Coinbase doesn’t plan on bending to a $20 million ransom demand from hackers who coaxed customer information out of international support agents, the company said Thursday.

Instead, Coinbase is offering a $20 million reward for information leading to the arrest and conviction of these hackers, who bribed “weak links” found on the cryptocurrency exchange company’s customer support team to access 1% of customers’ information, CEO Brian Armstrong said on social media site X .

“Our support tools have limited access to customer information. There [were] no passwords or private keys or funds accessed as part of this, but customer support agents do have access to personal information like name, date of birth, address, etc.,” Armstrong said. “Attackers still want access to this information because it allows them to conduct social engineering attacks, where they can call our customers, impersonating Coinbase customer support and try to trick them into sending their funds to the attacker.”

Social engineering attacks, which bypass technical defenses by manipulating people into giving up private information, account for 70% to 90% of cyberattacks, according to cybersecurity software firm Secureframe . Phishing and smishing – phishing’s SMS cousin – are common instances of social engineering attacks.

Through a few “bad apples,” Coinbase’s leaked information included names, addresses, phone numbers and email addresses; masked Social Security numbers; masked bank account numbers; driver’s license and passport photos; and balance and transaction histories, according to a company blog post .

The incident – which Coinbase learned of from an attacker email Sunday demanding ransom – could cost the exchange up to $400 million, according to a securities filing , between remediating security issues and reimbursing customers.

As a result, the company will move some of its customer support operations, including by opening a new support hub in the U.S.

Coinbase terminated all personnel involved and implemented heightened fraud-monitoring protections, according to the filing, and notified customers whose information was potentially accessed.

“For these would-be extortionists or anyone seeking to harm Coinbase customers, know that we will prosecute you and bring you to justice,” Armstrong said in his video on X.