Coinbase, a major cryptocurrency exchange, suffered a significant data breach on May 11th, resulting in the exposure of sensitive user information. The attackers, having bribed overseas employees or contractors, gained access to data including names, addresses, phone numbers, partially masked social security and bank account numbers, and other crucial details. Coinbase swiftly responded by terminating the involved personnel and engaging U.S. and international law enforcement to pursue criminal charges.
The breach’s financial impact on Coinbase is substantial. In an SEC filing, the company projected remediation costs and voluntary customer reimbursements to range from $180 million to $400 million. This revelation caused a 4% drop in Coinbase’s share price, falling below $253 during early U.S. trading.
Coinbase’s proactive measures include fully reimbursing customers who fell victim to the attackers’ schemes, a commitment detailed in a company blog post. Furthermore, a $20 million bug bounty has been offered for information leading to the arrest of those responsible. The attackers initially demanded a $20 million ransom in Bitcoin to prevent the release of the stolen data.
While the breach compromised significant personal information, Coinbase assures users that two-factor authentication codes and private keys remained unaffected. The attackers also obtained government ID images, account balances, and corporate data. This incident follows a claim by on-chain investigator ZachXBT three months prior, alleging $300 million in losses from social engineering scams targeting Coinbase users.
The scale of the breach underscores the growing challenge of cybersecurity in the cryptocurrency industry. Coinbase’s response, encompassing both financial compensation and law enforcement cooperation, highlights the gravity of the situation and the company’s commitment to addressing the consequences for affected users. The ongoing investigation will likely shed further light on the details and extent of this major security incident.
