Coinbase Expected to Pay $180 to $400 Million in Compensation for Data Leak, According to SEC Filing
Coinbase, the largest cryptocurrency exchange in the United States, has just announced information about a serious data leak that could require the company to pay between $180 and $400 million in compensation to affected customers. This information was disclosed in an official report submitted to the U.S. Securities and Exchange Commission (SEC) on May 15, marking one of the most expensive data breaches in the cryptocurrency industry's history.
According to Coinbase's official blog, the incident was not due to a vulnerability in the platform's technical infrastructure, but rather the result of cybercriminals bribing outsourced support staff in other countries to steal customer information. Although private encryption keys and passwords remained safely protected, a large amount of personal customer data was stolen, including names, addresses, phone numbers, emails, and even identity document images such as passports.
The attackers then used this information to conduct targeted phishing campaigns, impersonating Coinbase employees to trick customers into providing account login credentials. From there, they could access and steal cryptocurrencies from victims' accounts.
Failed Extortion, Coinbase Sets $20 Million Reward for Catching Perpetrators
The incident was only made public after Coinbase received an extortion email on May 11 from the attackers, demanding $20 million to not disclose the stolen information. Instead of accepting the extortion demand, Coinbase decided to report the matter to law enforcement and offer a $20 million reward to anyone providing information that helps arrest and convict those behind the attack.
In fact, the exchange stated that they had detected unusual activities in the previous months and immediately terminated the contracts of the related employees. The company also sent warnings to customers whose information might have been potentially accessed illegally.
To address the consequences, Coinbase has begun the process of compensating users and implementing additional security measures to prevent similar incidents in the future. One notable measure is the opening of a new support center in the United States, which may aim to reduce risks associated with hiring support staff overseas.
Notably, the famous blockchain investigator ZachXBT had issued a warning about the incident as early as February 2024, sharing evidence of large-scale phishing campaigns targeting Coinbase customers using stolen data. This suggests that the problem may have existed long before Coinbase officially disclosed it.
