Coinbase recently disclosed a cyberattack on its network. As part of the attack, cybercriminals managed to steal funds from exposed users under false pretenses. The crypto exchange said it will voluntarily reimburse users affected by the data breach. In a filing with the US Securities and Exchange Commission (SEC), the exchange preliminarily estimated that these remediation expenses could range between $180 million (roughly Rs. 1,541 crore) and $400 million (roughly Rs. 3,426 crore).
Coinbase Says Estimates Could Increase or Decrease After Thorough Review
The firm submitted its 8-K filing to the SEC on May 14. It said that the losses it has estimated based on preliminary analysis could increase or decrease after a thorough review of other factors is conducted. These include indemnification claims and potential recoveries.
“The company is continuing to review and bolster its anti-fraud protections to mitigate the risk that the compromised information could be used in social engineering attempts. The company is also in the process of opening a new support hub in the United States and taking other measures to harden its defenses to prevent this type of incident,” the filing noted.
Coinbase CEO Brian Armstrong said cybercriminals managed to bribe some overseas support agents of the company to gain access to the personal user data of “less than one percent of its users.”
As per Armstrong, the attackers reached out to the exchange claiming possession of this user data and demanded a ransom of $20 million (roughly Rs. 171 crore) for not leaking the data. The company CEO has refused to surrender to this ransom demand. Instead, he announced a $20 million (roughly Rs. 171 crore) reward fund inviting information on these attackers.
“Since receipt of the email, the Company has assessed the email to be credible,” the exchange said in its filing.
Coinbase, in a blog post, claimed that the insiders found to be involved in the incident have been fired for abusing their access to customer support systems and stealing customer data.
The attackers have managed to obtain details including the bank account numbers, government IDs, and the account data of the impacted users. Other details such as names, addresses, emails, and masked social security numbers have also been breached as part of this incident.
The company does, however, claim that no passwords, private keys, or funds were exposed in the breach. As per a Bloomberg report, the US SEC is also part of the ongoing probe into the incident.
Following Coinbase’s disclosure of the incident, its stock reportedly fell by more than six percent.
Coinbase has yet to disclose the exact amount of funds its users ended up sending to the attackers. It also remains uncertain if the data breach only affected Coinbase users in the US or if international users were also impacted.
“While Coinbase has not experienced material operational impacts from these events as of the date hereof, the full financial impact of the Incident on the company is still in the process of being assessed,” it added in its SEC filing.