One of the world’s leading cryptocurrency exchanges has suffered a cyber attack that could cost it $400m (£301m).

Hackers breached account data of a "small subset" of its customers and then tricked them into sending funds, the company said in a regulatory filing.

Coinbase received an email from an unknown threat actor on 11 May, claiming to have information about some customer accounts as well as internal documents.

Money blog: 'Game-changing' 100% mortgage launched

The hackers did not gain access to login credentials or passwords, but data including names, addresses and emails were stolen, Coinbase said.

The hackers had paid multiple employees and contractors working in support roles outside the US to collect the information. Everyone involved has been fired, it said.

Coinbase will reimburse all customers who were tricked into sending funds to the attackers - and estimates costs surrounding the hack will total between $180m (£135m) and $400m.

The exchange refused to pay a $20m (£15m) ransom to the hackers and is working with law enforcement agencies. It has also established a $20m reward for information on the attackers.

Coinbase is also opening a new US support hub and taking other measures to prevent cyber attacks, it said.

This development comes just days before Coinbase is set to join the S&P 500 index - in what is expected to be a landmark moment for crypto.

More from Sky News:
Co-op updates on cyber attack recovery
UK economy grows more than expected

Security remains a challenge for the industry and in February, Dubai-based Bybit disclosed a hack which saw around $1.5bn (£1.19bn) of digital tokens stolen - widely dubbed the biggest crypto heist of all time.

"As our nascent industry grows rapidly, it draws the eye of bad actors, who are becoming increasingly sophisticated in the scope of their attacks," said Nick Jones, founder of crypto firm Zumo.

(c) Sky News 2025: Cryptocurrency platform Coinbase warns of up to $400m hit from cyber attack