Good day everyone,
I hope you are all having a good day, welcome to CryptoGod-1's blog on all things crypto. In this post I will be looking at the news of Coinbase facing a number of lawsuits over alleged bribery scandal.
Coinbase In Trouble?
The cryptocurrency exchange Coinbase has been caught up in an insider bribery scandal which has developed into a legal battle. It exposed the problems within Coinbase’s global support and security framework. The legal pressure has grown as a recent disclosure noted a significant data breach which contained sensitive personal information of its users after cybercriminals bribed overseas support staff.
Between the 15 and 16 of May there were at least six class-action lawsuits filed against the exchange. All of the lawsuits claim that Coinbase failed to maintain stringent security protocols to protect user data and accused the company of negligence, weak cybersecurity infrastructure, and a delayed, inadequate response in the aftermath of the incident.
The breach reportedly happened on May 11 and compromised data belonging to thousands of users. The attackers are now demanding a sum of around $20 million in ransom but the company has refused to pay. Instead they are offering a matching bounty to identify and prosecute the attackers. Coinbase stated:
“We’re committed to full transparency.”
It is believed that the cybercriminals bribed a number of customer support agents to access internal systems. Among the stolen data was names, addresses, phone numbers, emails, the last four digits of Social Security numbers, some bank account identifiers, driver’s licenses, passports and some account data, such as balance snapshots and transaction history.
Coinbase intend to fully cooperates with law enforcement and have set aside between $180 million and $400 million for user reimbursement and remediation efforts, according to a U.S. SEC filing. The company have noted a tightening of their security measures with added ID checks and scam-awareness prompts. A new U.S.-based customer support hub is being established. They will also strengthen their insider-threat detection systems while the India customer support staff who are implicated in this scandal have been terminated, with the individuals being referred for criminal prosecution.
Among the 6 lawsuits against Coinbase saw one of the earliest ones being filed in the U.S. District Court for the Southern District of New York by Paul Bender. He claims that Coinbase failed to implement and maintain basic security protocols to protect users’ data. Bender’s suit argues that the breach has placed affected users at ongoing risk of identity theft and financial fraud, with the potential for long-term, even permanent, consequences due to the immutable nature of the exposed information. He also argues that Coinbase failed to notify users promptly, did not offer identity protection or guidance in the immediate aftermath, and handled the incident in a fragmented and uncoordinated manner.
Another filing in the same court saw Maine resident Zaal Panthaki and Texas-based Alexander Crous make similar accusations against Coinbase. They accused the exchange of systematically underinvesting data security infrastructure. Their class action claims note the company neglected to adequately train employees who handle sensitive user data, particularly those working through outsourced support vendors abroad. It was also noted that Coinbase failed to monitor its third-party vendors and left customer information vulnerable to exploitation.
Coinbase did confirm that that private keys and passwords were not compromised but the leaked personally identifying information (PII) is considered highly valuable to scammers. This is because they would be in a position to use it to impersonate victims and execute sophisticated phishing and fraud schemes.
Another class-action suit was filed by California resident Rosemary Ortiz. The suit argues that Coinbase could have prevented the breach altogether by securely encrypting or deleting older user data it no longer had a legal or operational reason to retain. Ortiz argues that Coinbase amplified the breach’s impact by storing unneeded sensitive information.
None of the plaintiffs have yet reported direct financial harm as a result of the breach but all of them do claim that they are now at a lifelong risk of identity-related crimes. All the arguments note that this is due to Coinbase’s negligence and this has forced them into taking costly and time-consuming measures to monitor their credit, financial accounts, and personal data for potential misuse.
Have a great day.
Peace. CryptoGod-1.
Referral Links and Follow Me:
