Coinbase’s stock experienced a significant drop of over 8% following two major developments that raised concerns about the company’s security and regulatory compliance. The US based cryptocurrency exchange revealed that cyber attackers had stolen sensitive customer data and demanded a $20 million ransom. Instead of paying the ransom, Coinbase CEO Brian Armstrong announced a $20 million bounty for information leading to the attackers’ arrest. The breach affected less than 1% of Coinbase’s monthly transacting customers, and no passwords or private crypto wallet codes were compromised.
In addition to the cyber attack, the New York Times reported that the Securities and Exchange Commission (SEC) is still investigating whether Coinbase misreported user data years ago. This investigation is a holdover from the previous administration and concerns a metric that Coinbase stopped reporting two and a half years ago. Coinbase’s chief legal officer, Paul Grewal, stated that the company is committed to resolving the matter with the SEC.
The cyber attack is estimated to cost Coinbase between $180 million and $400 million, primarily for the bounty program and customer reimbursements. Armstrong emphasized the company’s commitment to security and transparency, stating that they will not pay the ransom but will work to bring the attackers to justice. Coinbase continues to navigate regulatory challenges and market volatility, but remains optimistic about its long-term growth and the broader acceptance of cryptocurrency.