The US Department of Justice has launched an investigation into a recent cyberattack on Coinbase Global, the world’s largest cryptocurrency exchange, following a data breach that exposed customer information.
Coinbase reported receiving an email from unknown threat actors on 11 May, claiming to possess information about certain customer accounts and internal documents. The company expects financial losses between $180 million and $400 million as a result of the breach.
“We have notified and are working with the DOJ and other US and international law enforcement agencies and welcome law enforcement’s pursuit of criminal charges against these bad actors,” said Paul Grewal, chief legal officer at Coinbase.
According to sources familiar with the matter, Coinbase itself is not under investigation. “Coinbase is not under DOJ investigation, DOJ is investigating the criminal actors,” a source told Reuters on Monday.
The cybercriminals reportedly employed a social engineering attack, bribing customer representatives based in India to collect data from internal Coinbase systems. These employees have since been dismissed. The hackers subsequently demanded a $20 million ransom to prevent public disclosure of the stolen information.
Coinbase has confirmed that while attackers managed to steal some data, including names, addresses and emails, they did not gain access to login credentials or passwords. The cryptocurrency exchange disclosed the breach publicly last Thursday.
Justice Department investigators, including those from the department’s criminal division in Washington, are now examining the circumstances surrounding the breach, according to Bloomberg sources.
The cyberattack represents one of the most significant data breaches in the cryptocurrency sector this year, highlighting ongoing security challenges faced by digital asset platforms despite increased regulatory scrutiny.
