The U.S. Justice Department has reportedly launched a criminal investigation into a recent breach at Coinbase involving bribed overseas staff and a $20 million ransom demand.
U.S. authorities have launched a criminal investigation into how hackers managed to steal sensitive user data from Coinbase by bribing overseas support staff, Bloomberg has learned, citign a person familiar with the matter.
The Department of Justice’s criminal division in Washington is reportedly looking into how hackers gained access to sensitive user data by bribing customer service workers in India.
Paul Grewal, Coinbase’s chief legal officer, told Bloomberg that the company had notified and was working with the DOJ and other U.S. and international law enforcement agencies, and that it welcomed law enforcement’s pursuit of criminal charges against those responsible. The company itself isn’t under investigation, according to Grewal.
Coinbase disclosed the incident on May 15, revealing that hackers had used social engineering tactics to steal user data before demanding a $20 million ransom. But the ransom demand had actually arrived earlier, via an anonymous email sent on May 11, per a regulatory filing. It’s still unclear why it took several days for the exchange to publicly report the breach.
Coinbase said the attackers accessed names, addresses, phone numbers, government-issued IDs, and other account data. The breach may have started as early as January. The company fired the customer service workers involved and estimated the breach could cost up to $400 million to resolve.
The exchange claims that only a small portion of users — less than 1% — were affected, though one of them was Sequoia Capital managing partner Roelof Botha, whose personal information was accessed.
