Coinbase has revealed a cyberattack on its platform, in which criminals used false claims to steal funds from vulnerable users. The crypto exchange has pledged to voluntarily compensate those impacted by the breach. According to a filing with the US Securities and Exchange Commission (SEC), the estimated cost of remediation could fall between $180 million and $400 million.
Coinbase stated that its preliminary loss estimates could fluctuate following a comprehensive review.
In its 8-K filing with the SEC on May 14, the company acknowledged that its remediation costs might rise or fall based on various factors, including indemnification claims and potential recoveries.
“The company continues to assess and strengthen its anti-fraud measures to reduce the risk of compromised information being exploited in social engineering attacks. Additionally, it is launching a new support hub in the United States and implementing further security enhancements to prevent future incidents,” the filing outlined.
Coinbase CEO Brian Armstrong disclosed that cybercriminals had bribed some overseas support agents to obtain personal user data, affecting “less than one percent” of its users.
According to Armstrong, the attackers contacted the exchange, claiming to possess this data and demanding a $20 million ransom to refrain from leaking it. Refusing to comply, Armstrong instead announced a $20 million reward for information leading to the perpetrators.
“The company has assessed the email and deemed it credible,” the filing noted.
Coinbase revealed in a blog post that employees implicated in the incident were terminated for misusing their access to customer support systems and stealing user data.
The attackers managed to obtain sensitive information, including bank account details, government-issued IDs, and account data of affected users. Additional compromised data includes names, addresses, email addresses, and masked social security numbers.
However, the company said that no passwords, private keys, or funds were exposed in the breach. According to a Bloomberg report, the US SEC is also actively involved in investigating the incident.
After Coinbase disclosed the cyberattack, its stock reportedly dropped by over six percent.
The company has not yet revealed the total funds transferred by affected users to the attackers. Additionally, it remains unclear whether the breach was limited to US-based users or if international accounts were also compromised.