Justice Department Investigates Coinbase Data Breach Amid Extortion Attempts

The Justice Department is investigating a recent Coinbase data breach, where insiders were manipulated into leaking customer data. Coinbase plans to reimburse users affected by social engineering attacks and has established a $20 million reward fund for information leading to the hackers’ arrest. The overall cost of this incident could reach up to $400 million, and other exchanges like Binance and Kraken have also faced similar attacks, albeit without data compromises.

The Justice Department is currently looking into a data breach disclosed by Coinbase Global last week. Paul Grewal, Coinbase’s Chief Legal Officer, confirmed the investigation in a Bloomberg report, stating the company is collaborating with the DOJ and various U.S. and international law enforcement agencies while supporting the push for criminal charges against those responsible for the breach.

Coinbase announced on May 15 that it will be reimbursing certain users affected by what escalated into an extortion attempt. In their blog, the company explained that a small set of insiders had been manipulated by cybercriminals into extracting customer support data, affecting under 1% of its active users. The attackers aimed to impersonate Coinbase in order to deceive customers into revealing their crypto holdings and subsequently demanded a ransom of $20 million for silence about their actions.

Rejecting the ransom request, Coinbase decided instead to launch a $20 million reward fund aimed at information leading to the arrest and prosecution of the offenders. The company also assured that it would refund customers who fell victim to social engineering schemes tied to this breach. Coinbase has stated in a recent filing with the Securities and Exchange Commission that the overall cost of the incident could reach as high as $400 million.

The investigation into this cyber incident is ongoing, leading to uncertainty regarding the full repercussions of the breach as of now. On a related note, reports surfaced on May 16 that rival exchanges Binance and Kraken had been subjected to similar social engineering attacks but reportedly managed to thwart them without compromising any customer data.

The growing concern around centralized stores of user information has become especially significant in today’s financial landscape, particularly with cryptocurrency’s rise to prominence. In an interview released on Monday, Bezalel Eithan Raviv, CEO of Lionsgate Network, revealed that numerous Coinbase customers believed to be on the hackers’ list had approached them for assistance after being targeted by individuals impersonating Coinbase Support, highlighting the widespread fallout from this data breach.