Coinbase hit with wave of lawsuits over customer data breaches

Coinbase is facing a wave of lawsuits following a disclosed data breach and subsequent extortion attempt. Multiple lawsuits, filed in New York and California federal courts between May 15th and 16th, allege Coinbase failed to maintain adequate security measures, leading to the compromise of user data. These lawsuits highlight a pattern of accusations against the exchange for its handling of the incident.

One lawsuit, filed by Paul Bender in a New York federal court, specifically cites Coinbase’s failure to implement and maintain reasonable security safeguards. Bender argues this negligence exposed millions of users to significant and ongoing risks of identity theft and financial fraud. The complaint criticizes Coinbase’s response as inadequate, fragmented, and delayed, claiming users weren’t promptly informed of the breach and weren’t provided with sufficient mitigation steps or identity protection services. The potential long-term consequences, including permanent damage from compromised information, are also emphasized.

Other lawsuits filed in New York echo these claims, with one adding accusations of unjust enrichment due to perceived insufficient investment in data security measures. All these complaints seek damages and protective measures for affected users’ data. A California-based lawsuit goes further, requesting the court order Coinbase to purge plaintiffs’ data and mandate the hiring of third-party security auditors.

Coinbase’s response has been limited to directing inquiries to a blog post detailing the $20 million extortion attempt resulting from bribed customer support agents. The post acknowledges the breach, which involved the theft of sensitive user information including names, addresses, phone numbers, partial Social Security numbers, bank account details, and driver’s licenses. Coinbase stated it refused to pay the ransom and plans to reimburse affected users. The exchange anticipates reimbursement costs between $180 million and $400 million, as disclosed in a SEC filing. Furthermore, reports indicate Coinbase has dismissed several customer support agents implicated in the social engineering attacks.

Despite the negative publicity and lawsuits, Coinbase’s stock initially dipped but has since rebounded, suggesting investor confidence remains relatively stable.

Leave a Reply

Your email address will not be published. Required fields are marked *