Coinbase Cyber-Attack: Cryptocurrency Exchange Forecasts $180m-$400m Loss
A recent cyber-attack on Coinbase, the largest cryptocurrency exchange in the US, is expected to cost the company between $180m and $400m, according to a report by The Guardian. The attack, which breached account data of a "small subset" of customers, did not include a $20m ransom demand made by the hackers, which Coinbase refused to pay.
In a statement, Coinbase said that the attackers stole some data, including names, addresses, and emails, but did not gain access to login credentials or passwords. The company will, however, reimburse customers who were tricked into sending funds to the attackers. According to The Guardian, Coinbase immediately fired employees involved in the breach, who had been paid by the hackers to collect information from internal systems.
The cyber-attack highlights the ongoing security challenges faced by the cryptocurrency industry. As reported by The Guardian, funds stolen by hacking crypto platforms totaled $2.2bn in 2024, according to a report from blockchain analysis firm Chainalysis. This marks the fourth straight year in which such hacks have topped more than $1bn.
Coinbase, which sees the largest volume of cryptocurrency trades in the US, received an email from an unknown threat actor on 11 May, claiming to have information about certain customer accounts as well as internal documents. In response, the company has established a $20m reward for information on the attackers and is working with law enforcement agencies. As The Guardian reports, Coinbase has also reinforced its controls and will reimburse customers impacted by the incident.
The disclosure comes days before Coinbase is set to join the benchmark S&P 500 index, marking a landmark moment for the crypto industry. According to The Guardian, security remains a challenge for the industry, with Bybit, the world’s second-largest cryptocurrency exchange by trading volume, disclosing in February that attackers had stolen digital tokens worth about $1.5bn.
As The Guardian notes, Coinbase has declined to pay the ransom demand of $20m, instead choosing to investigate the incident and work with law enforcement agencies. In a blogpost, the company stated: "Instead of funding criminal activity, we have investigated the incident, reinforced our controls, and will reimburse customers impacted by this incident." The Guardian has confirmed that Coinbase is taking steps to prevent similar incidents in the future.
The incident highlights the need for robust security measures in the cryptocurrency industry. As reported by The Guardian, the industry has seen a significant increase in cyber-attacks in recent years, with hackers targeting vulnerabilities in exchanges and other platforms. By prioritizing security and working with law enforcement agencies, companies like Coinbase can help prevent future incidents and protect their customers.
Source: The Guardian
