The cryptocurrency industry is on alert again following a serious hacking of Coinbase, one of the most important platforms in the sector. This firm, recognized for popularizing the arrival of cryptocurrencies in the US market, is now in the eye of the storm. A group of cybercriminals claims to have breached Coinbase's security and accessed confidential information of its users.
Currently, Coinbase manages a significant portion of the $122 billion in tokens linked to spot Bitcoin ETFs. The exchange is not only notable for its size but also for its fundamental role in the regulatory advancement that allowed the inclusion of cryptocurrency-related products in traditional markets. To achieve this, over the past three years, Coinbase has driven an unprecedented lobbying effort, sending dozens of pro-crypto lawmakers to Washington.
However, on this occasion, Coinbase has taken a firm and direct stance. On May 11, the hackers sent an email demanding a ransom of $20 million. The company decided not to comply with this demand and opted to face the losses, which are estimated to be around $400 million.
The hacking of Coinbase overshadows the exchange's arrival at the S&P 500
According to a source familiar with the company who requested to remain anonymous, the attackers have had access to the information since Wednesday, May 14. However, a representative of the firm commented, «We have no reason to believe that is true».
It seems that the hackers managed to bribe several customer service agents at Coinbase. In fact, the company itself revealed that it detected suspicious activities among some employees, leading to the immediate revocation of their access and their dismissal. Coinbase assured that less than 1% of users who make transactions monthly were affected by this breach.
In the Bloomberg News interview, Philip Martin, Coinbase's security director, commented as follows about the attackers' modus operandi:
«What these attackers did was find employees and contractors of Coinbase based in India who were associated with our business process outsourcing or support operations, that kind of stuff, and bribe them to get customer data».
Coinbase has offered a $20 million reward for anyone who provides information leading to the capture of those responsible. This reward represents a strong incentive for the attackers to consider the legal consequences of their actions.
This incident has overshadowed Coinbase's recent inclusion in the S&P 500 index. Just three days after its entry, the company faces one of its greatest security crises. Joining the S&P 500 will be key to the integration of cryptocurrencies into retirement plans and other financial products, which will eventually lead to millions in investments that will further strengthen the crypto ecosystem.
A new investigation by the SEC
Bad news continues for Coinbase following the recent hacking of the platform. According to the New York Times, the U.S. Securities and Exchange Commission (SEC) has launched an investigation against the exchange. The main reason is an alleged misrepresentation of the number of users reported in past disclosures. This inquiry is part of an investigation dating back to the Biden administration.
In response, Paul Grewal, Coinbase's legal director, stated: «This is an ongoing investigation from the previous administration regarding a metric we stopped reporting two and a half years ago and that was fully disclosed to the public». Additionally, Grewal reaffirmed the company's commitment to cooperate with the SEC, although he believes the investigation is unnecessary.
The news about the investigation and the hacking negatively impacted the market, causing a 7.2% drop in Coinbase's shares. Given such uncertainty, it is natural for many investors to reduce their positions. However, the exchange remains firm in its willingness to cooperate with the authorities and not to yield to the attackers' demands.