Coinbase Faces Potential $400 Million Hit After Cyberattack
Coinbase is grappling with the fallout from a recent cybersecurity incident, with preliminary estimates suggesting the breach could cost the cryptocurrency exchange as much as $400 million. The company disclosed this potential financial impact in a filing with the Securities and Exchange Commission (SEC).
The investigation into the incident remains ongoing, leaving the full scope of the damage still uncertain. However, Coinbase is taking proactive steps to address the situation, including reimbursing affected customers.
The Estimated Costs
According to the SEC filing, the company anticipates significant expenses related to the cyberattack:
Based on the information available to the Company on the date hereof and based on facts that continue to evolve, the Company has preliminarily estimated expenses to be within the range of approximately $180 million to $400 million relating to remediation costs and voluntary customer reimbursements relating to this Incident, prior to further review of potential losses, indemnification claims and potential recoveries, which could meaningfully increase or decrease this estimate.
This estimate encompasses both the costs of fixing the security vulnerabilities and the voluntary reimbursements to customers who were victims of the attack.
Details of the Cyberattack
The cyberattack involved social engineering tactics, where criminals targeted Coinbase customers using data stolen from the company. The attackers successfully convinced a small group of company insiders to copy data from customer support tools, affecting less than 1% of Coinbase’s monthly transacting users.
The attackers then used this information to impersonate Coinbase and trick users into transferring their cryptocurrency. The company explained the attackers’ strategy in a blog post:
Their aim was to gather a customer list they could contact while pretending to be Coinbase – tricking people into handing over their crypto. They then tried to extort Coinbase for $20 million to cover this up. We said no.
Rather than succumbing to the extortion attempt, Coinbase has chosen to take a different approach.
Coinbase’s Response
Coinbase has refused to pay the $20 million ransom demanded by the cybercriminals. Instead, the company is offering a $20 million reward for information leading to the arrest and conviction of those responsible for the attack.
Furthermore, Coinbase is voluntarily reimbursing users who were deceived into sending funds to the attackers. This decision underscores the company’s commitment to protecting its customers and maintaining trust in its platform.
Did You Know?
Coinbase was founded in 2012 and has grown to become one of the largest cryptocurrency exchanges in the world. It serves both retail and institutional investors.
The Rise of Social Engineering Fraud
The Coinbase incident highlights the growing threat of social engineering fraud. According to a PYMNTS Intelligence report, social engineering fraud has increased by 56% in the past year.
Fraudsters are increasingly targeting consumers directly, using complex scams that leverage fear, urgency, and fake customer service lines to obtain sensitive information. The report, “The State of Fraud and Financial Crime in the U.S. 2024: What FIs Need to Know,” emphasizes the need for financial institutions to adopt proactive and holistic security measures.
Schalk Nolte, CEO of Entersekt, emphasized the importance of robust security measures in a recent interview:
Social engineering scams and others are outpacing conventional fraud prevention measures.
Schalk Nolte, CEO of Entersekt
Pro Tip:
Always be skeptical of unsolicited requests for personal or financial information, especially if they create a sense of urgency. Verify the legitimacy of the request by contacting the organization directly through official channels.