Key Insights
-
Coinbase terminated several Indian customer support contractors for allegedly enabling phishing attacks by leaking user data, potentially exposing the company to up to $400 million in remediation costs.
-
Victims included crypto users like Alliance DAO’s Qiao Wang, who detailed a sophisticated social engineering attempt that accessed his personal Coinbase information.
SAN FRANCISCO (MarketsXplora) – Cryptocurrency exchange Coinbase has terminated several customer support contractors in India following allegations they were involved in a data breach that enabled social engineering attacks on users, the company confirmed on Wednesday.
Philip Martin, Coinbase’s Chief Security Officer, said in an interview with Fortune that the flagged individuals were third-party support agents who allegedly provided unauthorized access to user data. Martin suggested the compromised contractors could be Indian nationals.
The breach triggered a series of phishing attempts targeting Coinbase users, with the exchange estimating the potential cost of remediation and reimbursements between $180 million and $400 million. Martin did not confirm the total number of affected users but emphasized that internal investigations are ongoing.
Phishing Incident Sparks Outcry
Qiao Wang, a core contributor at Alliance DAO, shared his experience on social media platform X, describing what appeared to be a coordinated phishing attempt. Wang recounted that a scammer contacted him, claiming his Coinbase account had been compromised and urging him to verify personal details. The attacker then requested that he transfer his funds to what was presented as a Coinbase self-custodial wallet.
“I called them out at the end of the call telling them they need to step up their game,” Wang posted. “They told me they had made $7 million that day.”
The disclosure of the phishing attacks and internal security breach led to a drop in Coinbase Global shares, which fell more than 5% following the U.S. Securities and Exchange Commission’s (SEC) filing estimating possible reimbursements of up to $400 million.
Coinbase Faces Fresh Regulatory Scrutiny
The timing of the breach comes as Coinbase faces heightened scrutiny from U.S. regulators. CEO Brian Armstrong was in Washington, D.C., this week meeting with lawmakers in support of crypto-related legislation. Congress is weighing a stablecoin regulatory bill and drafting a broader digital asset market structure bill—two efforts seen as critical to shaping the future of crypto regulation in the United States.
Adding to Coinbase’s regulatory challenges, The New York Times reported that the exchange is under SEC investigation for allegedly misstating user metrics dating back to its 2021 public listing.
According to the report, a regulatory filing from that year stated Coinbase had 43 million users, while CEO Armstrong later claimed 103 million verified users in 2022. The discrepancy is now being reviewed, although the SEC dropped a separate enforcement action against Coinbase in March. The exchange’s Chief Legal Officer, Paul Grewal, described the user data matter as a “holdover investigation from the prior administration.”
Coinbase has not issued an official comment on the ongoing probe but reiterated its commitment to user security and regulatory compliance in light of the recent breach.