Lawsuits allege endemic security failings, point to crypto theft incidents
The suit also addresses crypto theft along these lines, alleging that Coinbase’s general failure to keep up with its growth has led to failure to establish and maintain adequate cybersecurity measures. The crypto exchange generally has a positive reputation for security, but has experienced several data breaches as recently as last year. An October 2021 attack saw about 6,000 Coinbase accounts compromised after hackers were able to exploit a flaw in the multi-factor authentication system, though the crypto exchange stated that it believes login information was stolen or phished from outside sources in these cases. Coinbase reimbursed customer losses in that case. The platform was also breached twice in 2019 in separate incidents, one of which involved about 3,500 plaintext user passwords stored on a Coinbase Login
Coinbase Login, the lawsuits tend to cite individual crypto theft incidents rather than more general data breaches of this type. One of the lead plaintiffs in the class action suits, George Kattula of Georgia, says that an account he opened in January 2022 with a purchase of $6,000 in crypto funds was breached three months later and emptied. Coinbase was only able to recover $1,000 of the funds in that case. Another plaintiff in a California suit, Manish Aggarwal, says that he lost about $200,000 to hackers earlier in the year and was put through a “recursive loop” of automated systems when he tried to obtain assistance from the crypto exchange that ultimately provided no help.
Some of the plaintiffs in the class action lawsuits allege that these account lockouts and platform stability/security issues tend to flare up during periods of market volatility, when crypto exchanges would rather not deal with a “run” of users looking to move or withdraw assets.
The coinbase exchange was already dealing with several lawsuits prior to the SEC initiating a probe in July of this year, but that action seemed to break the dam open for claims against the company. The SEC has charged a former company manager with insider trading, as he allegedly made use of privileged information about upcoming token and asset launches. The most substantial of the lawsuits thus far is seeking a minimum of $5 million in damages for crypto theft compensation and lost trading opportunities.