Crypto exchange Coinbase (COIN-3.06%) thinks it will be on the hook for $180 million to $400 million after a cyber attack breached a “small subset” of its customers’ accounts. Investors sent the shares sliding more than 6% Thursday midday as they digested the news.
Coinbase posted a detailed account of what happened on its website, which makes for some riveting reading.
The hackers targeted Coinbase’s support agents overseas, offering cash bribes to a small group of workers for data from customer support tools, the company said. The exchange added that the copied data they handed over involved less than 1% of its monthly transacting users. The hackers aimed to gather a customer list they could contact while pretending to be Coinbase, intending to trick people into handing over their crypto. The hackers then tried to extort Coinbase for $20 million to cover this up, the company said.
“No, we are not going to pay your ransom,” was the public reply from Brian Armstrong CEO of Coinbase. He posted a video message on X describing the incident, saying that the hackers were “able to find a few bad apples” in Coinbase support to take the bribes.
In response, Coinbase said it’s hardening systems around customer support to make future attacks more difficult, Armstrong said. Coinbase will also be relocating some customer support operations. Armstrong also said that instead of paying the $20 million ransom, they will use it to go after the hackers.
“Instead of paying $20 million dollar ransom, we are turning it around,” Armstrong said, offering a $20 million reward for the capture of the suspects.
While no customers lost money from the attack, in a filing with the Securities and Exchange Commission Coinbase said it expects the incident to cost the company approximately $180 million to $400 million in remediation costs and voluntary customer reimbursements relating to the incident. The filing says after a full review, the numbers could be adjusted upwards or downwards.
“The full impact of these events are not yet known,” the filing states.
David Acosta, founding partner at ARBOai, a consulting firm that specializes in AI profit audits, told Quartz that Armstrong’s response was a “power move” and “transparent.” He says the company took the right steps with customer protection.
“By prioritizing customer protection over short-term risk mitigation, like paying ransoms, they reinforce trust in an industry where security breaches can devastate market confidence,” Acosta said, adding that the crypto sector has had multiple black eyes over the last decade. He said the action by hackers is a reminder that top-tier exchanges remain high-value targets.
The post Coinbase’s cyber attack could cost it $400 million appeared first on Quartz.
