Coinbase Confronts Potential Losses of Up to $300 Million Following Significant Cyber Attack
The cryptocurrency exchange Coinbase has revealed a serious cyber attack that may result in losses ranging from $180 million (£135 million) to $400 million (£315 million), as indicated in a recent regulatory submission to the US Securities and Exchange Commission. The breach has affected a “small subset” of users, leading to the exposure of their personal information.
In its announcement, Coinbase noted that it received an email on May 11 from an unidentified threat actor alleging they had obtained access to sensitive customer information and internal documents. The California-based firm confirmed that names, email addresses, and physical addresses were part of the compromised data; however, login credentials and passwords remained secure.
Following the news, Coinbase’s shares fell by approximately three percent in pre-market trading on Thursday.
This incident occurs at a crucial time for Coinbase, which is gearing up for its addition to the S&P 500 – a significant achievement not only for the company but also for the wider cryptocurrency industry. Coinbase’s entry into the index signifies increasing institutional acceptance of digital assets, even as regulatory scrutiny in the United States escalates.
The company disclosed in a blog post that external support personnel – specifically those operating outside the US, including employees and contractors – were allegedly bribed by attackers to extract data from its internal systems. Those individuals have since been terminated. Coinbase has opted not to meet the hacker group’s ransom request of $20 million (£15.7 million), but it has offered that same amount as a reward for information leading to the identification of the perpetrators.
Additionally, Coinbase confirmed plans to reimburse affected customers who were tricked into transferring funds to the criminals. “Rather than supporting criminal endeavors, we have investigated the incident, strengthened our controls, and will reimburse customers impacted by this event,” the company stated.
This recent breach underscores the ongoing threat posed by cyber attacks to companies in the cryptocurrency sector and beyond. Nick Jones, CEO of the Scottish crypto platform Zumo, emphasized the growing sophistication of cyber criminals and the urgent need for enhanced industry standards. He highlighted the significance of frameworks such as the European Union’s recently enacted Digital Operational Resilience Act (DORA), aimed at ensuring digital resilience across financial services.
“As our industry evolves, it is crucial to adhere to these principles and collaborate to better safeguard the customers we serve,” he remarked.
Coinbase’s breach follows a series of recent cyber incidents that have affected major technology and retail companies. In February, crypto exchange Bybit experienced a $1.4 billion token theft in one of the largest breaches in recent memory. UK high street retailers have also encountered attacks in recent weeks. Marks & Spencer recently confirmed that its systems were still recovering from a significant ransomware attack that disrupted its operations and compromised customer data. Other entities, including the Co-op and the luxury department store Harrods, faced similar breaches. On the same day as the Coinbase announcement, the French luxury brand Dior reported a security breach as well.
As cyber threats continue to advance, both financial and consumer-facing companies are feeling intensified pressure to invest in security systems, enhance oversight of third-party contractors, and respond swiftly to incidents as they arise. For investment platforms like Coinbase – which manage billions in user funds and sensitive financial information – meeting these challenges is becoming increasingly vital for maintaining trust and ensuring regulatory compliance.