The crypto arena witnessed a shake up as popular cryptocurrency exchange company Coinbase saw its shares drag on Thursday after a cyberattack and an SEC investigation.
The American tech company revealed in a filing on Thursday that a preliminary estimate of the cost for the cyber-attack incident is “approximately $180 million to $400 million.” A spokesperson clarified that the cost is “mostly” for the bounty program and reimbursing affected customers.
This amount will cover payouts to people who got tricked by phishing scams. In 2024 alone, Coinbase was the most impersonated brand in crypto, making phishing calls and fake emails a constant headache. Users who lost funds to those scammers will get their money back under Coinbase’s program.
So, what exactly happened in this new phishing scam? There was a breached account data of a “small subset” of the company’s customers. Coinbase received an email from an unknown threat actor on May 11, claiming to have information about certain customer accounts as well as internal documents.
Based on reports, the hackers demanded 20 million dollars’ worth of Bitcoin to keep silent. Coinbase would not pay that kind of money. Instead, the company announced a $20 million‑dollar bounty for anyone who helps nail those behind the plot.
The company added that the “threat actor” likely got the information by paying non-U.S. based contractors and other employees “to collect information from internal Coinbase systems to which they had access.”
“The communication demanded money in exchange for not publicly disclosing the information,” the filing said. Coinbase said it has not paid the demand and is working with law enforcement.
Data that was stolen included names, addresses and emails, as well as the last four digits of customers’ Social Security numbers. The hackers did not get access to login credentials private keys or passwords, Coinbase said. The crypto exchange’s Prime Accounts also escaped harm. Still, less than 1% of the company’s monthly active traders saw some of their data exposed. The company said it will, however, reimburse customers who were tricked into sending funds to the attackers.
Moving forward, Coinbase says it will tighten data controls and move parts of its support work to new locations. It will also step up staff checks and vetting before agents get access to live systems. On top of that, the exchange aims to boost its fraud‑monitoring tools. Users can expect more alerts when unusual activity shows up on their accounts.
Separately, the New York Times has reported that the U.S. Securities and Exchange Commission was investigating if the company had misstated its user numbers.
“This is a hold-over investigation from the prior administration about a metric we stopped reporting two and a half years ago, which was fully disclosed to the public,” Coinbase’s chief legal officer, Paul Grewal, said.
The outstanding SEC inquiry that remains open began during the Biden administration, according to the New York Times. The probe centers on whether the company misstated its “verified user” numbers in financial disclosures as far back as its initial filing to go public, according to the Times.
Coinbase stopped using the “verified user” metric in 2023. “Based on our evaluation of our Verified Users metric, we do not believe this metric, which is an indicator of the scale of our platform, provides meaningful information related to our business performance,” the company said in a February filing in 2023.
Grewal said the metric was “fully disclosed to the public. We explained that the verified users metric includes anyone who verified their email address or phone number with us, so it may overstate the number of unique customers.”
“We also disclosed — and continue to disclose — the more relevant metric of ‘monthly transacting users’ — the number of people who use our platform in a given month.”
“This is a hold-over investigation from the prior administration about a metric we stopped reporting two and a half years ago, which was fully disclosed to the public,” Grewal said in a statement to Investopedia. “While we strongly believe this investigation should not continue, we remain committed to working with the SEC to bring this matter to a close,” Grewal said. An SEC spokesperson declined to comment on the report.
Coinbase shares extended losses after the report on Thursday and were last down 6.5%.
Earlier in the week the company was celebrating as it announced that it would join the S&P 500 next Monday.
Oppenheimer analysts on Monday set a $293 price target on the shares citing the likelihood of “increased institutional demand and support for the stock.” “We have been predicting this as one of the key catalysts for Coinbase in 2025, and it has finally arrived,” the analysis said. “We believe the inclusion has huge implications for Coinbase and the crypto industry as a whole.” Leading cryptocurrency exchange Bitcoin recently surpassed the $104,000 mark.
With Thursday’s losses, Coinbase’s shares had slipped back into negative territory for this year.
Pump Radar
Stock Alerts
