The US Department of Justice (DOJ) has launched an investigation into the recent customer data breach at Coinbase, as reported by Bloomberg News on May 19. The attack on the popular cryptocurrency exchange has raised concerns about the security of user information and the vulnerability of digital assets.
Coinbase’s chief legal officer, Paul Grewal, has confirmed that the company is fully cooperating with federal law enforcement agencies in the investigation. Grewal also stated that Coinbase intends to take legal action against those responsible for the breach. Additionally, the company is working closely with other US and international law enforcement agencies to address the issue.
The breach at Coinbase was the result of an extortion attempt by attackers who bribed third-party contractors and employees in India. These individuals had privileged access to the firm’s internal support systems, allowing the attackers to gain unauthorized access to customer data. The breach affected less than 1% of Coinbase’s monthly active users and compromised names, contact details, identity documents, and partially masked financial information. However, core infrastructure such as private keys and cold wallets remained secure.
In response to the breach, Coinbase CEO Brian Armstrong revealed that the attackers demanded a $20 million ransom in Bitcoin. The company refused to pay the ransom and instead announced a $20 million reward fund for information leading to the identification and prosecution of the perpetrators. This move reflects Coinbase’s commitment to holding those responsible for the breach accountable.
The financial impact of the breach is still being assessed by Coinbase, with preliminary estimates indicating remediation costs and user reimbursements could range from $180 million to $400 million. The company has pledged to compensate all affected users and has taken steps to terminate the compromised individuals involved in the breach.
Security researcher ZachXBT has been monitoring phishing and social engineering schemes targeting Coinbase users, attributing more than $300 million in annualized losses to similar attacks on the exchange’s customers. These attacks often involve impersonation tactics and the extraction of seed phrases through elaborate deception campaigns.
The DOJ’s investigation into the Coinbase breach marks a significant escalation in the response to insider-related breaches in the crypto sector. The outcome of the investigation will likely have far-reaching implications for the security and regulation of cryptocurrency exchanges moving forward.