Coinbase Chief Legal Officer Paul Grewal said, “We have notified and are working with the DOJ and other U.S. and international law enforcement agencies and welcome law enforcement’s pursuit of criminal charges against these bad actors.”
Coinbase’s Response and Mitigation
In a blog post, Coinbase revealed that the breach began with an extortion attempt and a $20 million ransom demand. The company refused to pay and instead offered a matching bounty for information leading to the attackers’ capture.
Coinbase has earmarked $180 million to $400 million for user reimbursement and remediation efforts, as noted in its SEC filing.
Additional steps taken by Coinbase:
- Terminated implicated support staff in India and referred them for prosecution
- Strengthened internal insider-threat detection systems
- Increased identity checks and scam-awareness prompts
- Established a new U.S.-based customer support hub
- Contacted affected users directly to offer support
Despite these efforts, lawsuits argue that the damage was avoidable. Plaintiff Rosemary Ortiz stated that Coinbase “amplified the breach’s impact by retaining old sensitive data it no longer needed.”
Ongoing Investigations and Industry Impact
Although Coinbase is not currently under DOJ investigation, law enforcement is pursuing charges against the perpetrators.
