“Hard” hacker! Coinbase (COIN.US) refuses to pay $20 million in ransom remedies or up to $400 million

The Zhitong Finance App learned that Coinbase (COIN.US) said that hackers bribed contractors or employees outside the US to steal sensitive customer data, demanded a $20 million ransom, and set up a $20 million reward fund to track down the attackers. The largest US cryptocurrency exchange says it won't pay a ransom. This is one of the crypto trading platform's most high-profile security flaws, which could cost the company up to $400 million in remediation fees.

Coinbase said in a statement on Thursday that the leaked data included names, addresses, phone numbers, some account information, etc., but did not involve passwords, private keys, or access to funds. The attackers plan to use this data to pretend to be Coinbase official and convince users to hand over their cryptocurrencies. Less than 1% of the exchange's monthly trading users have been affected, according to Coinbase. In addition to tightening security controls for those affected, Coinbase also said it will fully reimburse anyone who lost it.

According to a regulatory document released on Thursday, based on currently available information, Coinbase said preliminary estimates suggest that the company will face “remediation costs and voluntary customer reimbursement” of between $180 million and $400 million. It added that further review of potential losses, claims and potential compensation may meaningfully increase or decrease this estimate.