Coinbase Flags Cyberattack Due to Bribed Staff

Coinbase Flags Cyberattack Due to Bribed Staff

Days after announcing that it would join the S&P 500 benchmark, crypto exchange Coinbase disclosed that it was a victim of a cyberattack involving overseas staff who were bribed.

Coinbase suffered from a cyberattack involving support staff outside the US who were bribed and recruited to steal customer data, according to a regulatory filing.

A variety of information was obtained including names, addresses, phone numbers, email addresses, masked bank account numbers and some bank account identifiers. The aim was to contact customers and trick them into transferring crypto by pretending to be Coinbase. No login credentials or private keys were taken nor did the attackers gain any ability to move or access customer funds.

The rogue staff were fired on the spot and referred to US and international law enforcement with plans to press criminal charges.

Estimated Impact

While Coinbase said there was no material operational impact, it estimates that there will be expenses of $180 million to $400 million related to remediation costs and voluntary customer reimbursements.

In addition, the hackers have also demanded Coinbase pay a $20 million ransom. The firm has said it will not pay and instead form a $20 million reward fund for information leading to the arrest and conviction of the attackers.

Coinbase first received an email from threat actors about the theft of data and ransom on May 11. The firm recently reached a key milestone after becoming the first-ever crypto company to join the S&P 500 Index.