Coinbase Faces Up to $400M Loss from Cyberattack, SEC Scrutiny Adds Further Pressure

/in /tarafından

Coinbase (COIN.O) warned it could incur a loss of $180 million to $400 million from a cyberattack that breached the account data of a small subset” of customers, the company disclosed in a regulatory filing on Thursday. The breach comes at a critical time for the crypto exchange, just days before it is set to join the S&P 500 index.

Breach Details:

  • Coinbase received a ransom email on May 11 from a threat actor claiming to have internal documents and customer data.

  • While login credentials and passwords were not compromised, attackers obtained names, email addresses, and physical addresses.

  • Hackers tricked some users into sending funds, and Coinbase pledged to reimburse those affected.

  • The breach reportedly involved foreign contractors and support staff, several of whom have since been terminated.

Coinbase has refused a $20 million ransom demand and instead offered a $20 million reward for information on the attackers. The company said it’s cooperating with law enforcement and plans to open a new U.S.-based support hub to boost security.

SEC Investigation:

  • In a separate issue, the U.S. Securities and Exchange Commission (SEC) is investigating whether Coinbase misstated its user figures in past reports.

  • The SEC is specifically reviewing the company’s verified user” metric, which Coinbase stopped reporting 2.5 years ago.

  • There is speculation that the probe could relate to know-your-customer (KYC) compliance, though Coinbase denies any such inquiry is ongoing.

This is a hold-over investigation from the prior administration,” said Paul Grewal, Coinbase’s Chief Legal Officer.
We strongly believe this investigation should not continue.”

The SEC declined to comment on the status of the probe.

Market Impact and Industry Implications:

  • Coinbase shares fell 6.5% following news of the breach and investigation.

  • The incident casts a shadow over its upcoming inclusion in the S&P 500, which had been seen as a milestone for mainstream crypto legitimacy.

  • The breach also adds to industry-wide concerns, following the $1.5 billion Bybit hack in February, part of an estimated $2.2 billion in stolen crypto assets in 2024, according to Chainalysis.

The cyberattack may push the industry to adopt stricter employee vetting and introduce reputational risks,” said Bo Pei, analyst at U.S. Tiger Securities.

Coinbase is now also facing a lawsuit in New York alleging it failed to secure personal data of millions of users.

As the crypto industry matures, the growing scale of attacks and regulatory scrutiny continue to challenge the sector’s trust, security, and investor confidence.

Beğenebilecekleriniz:
SoftBank Acquires Foxconn’s Ohio EV Plant to Support Stargate AI Infrastructure Project
OpenAI Eyes $500 Billion Valuation in Potential Employee Share Sale
Adobe Launches Firefly AI Image Generation App for Smartphones, Expands Partner Integrations
OpenAI to spend $100B on backup servers in five-year cloud push
Microsoft Generative AI Research VP Set to Transition to OpenAI
OpenAI May Charge Up to $20,000 Monthly for Access to Expert-Level AI Agents
RevenueCat Raises $50 Million Series C to Expand Subscription Platform Amid AI and Gaming Boom
OpenAI Set to Launch Open-Source AI Model Focused on Reasoning Capabilities