Lawyers representing individuals claiming to be affected by a recent security incident at Coinbase have alleged that the breach impacted nearly 70,000 users. The revelation comes as multiple law firms prepare to file class-action lawsuits against the cryptocurrency exchange, accusing it of failing to protect customer data.
Alleged Scope of the Breach
Attorneys from firms including Rosen Law and Pomerantz LLP stated in court filings that unauthorized actors accessed personal information—including names, email addresses, and phone numbers—of approximately 69,000 account holders. Some plaintiffs also claim their login credentials and transaction histories were compromised, though Coinbase has not publicly confirmed the full extent of the data loss.
“Our clients trusted Coinbase to safeguard their sensitive information, and the exchange’s alleged negligence has left them vulnerable to fraud and identity theft,” said Rosen Law partner Michael Joseph in a statement. The firms allege the breach stemmed from a combination of weak internal security protocols and delayed notifications to affected users.
Coinbase’s Response
In a limited public statement, Coinbase acknowledged a “security incident” but declined to specify the number of impacted users, citing ongoing investigations. The company said it had implemented additional security measures, including enhanced two-factor authentication, and advised customers to monitor accounts for suspicious activity.
However, plaintiffs argue the exchange failed to meet industry standards, pointing to a lack of encryption for certain user data and alleged delays in notifying customers—some of whom reported discovering the breach through third parties rather than Coinbase itself.
Legal Ramifications and Industry Reactions
If the 70,000-user figure is confirmed, the breach would rank among the largest in Coinbase’s history. The lawsuits seek damages for alleged violations of data protection laws and negligence, with attorneys estimating potential losses in the tens of millions of dollars.
Cybersecurity experts noted the incident highlights persistent vulnerabilities in crypto exchange security, despite industry promises to strengthen defenses. “When platforms hold both financial and personal data, the stakes for security are exponentially higher,” said analyst Lily Chen. “This case may set a precedent for how exchanges are held accountable for data breaches.”
Coinbase, which has faced previous regulatory scrutiny over trading practices, now confronts new legal pressure as it navigates the fallout. The company is scheduled to respond to the lawsuits in court later this month, with a judge expected to rule on class-action certification in the coming months.
What Affected Users Should Do
Attorneys advise potentially impacted individuals to freeze their credit, monitor financial accounts for unauthorized activity, and report suspicious transactions to law enforcement. Coinbase has directed users to its security support page for steps to secure accounts, but critics say the exchange should offer complimentary identity theft protection to affected parties.
The breach comes at a time when crypto platforms are under heightened regulatory and consumer scrutiny, adding urgency to debates over mandatory data breach notification laws and stricter cybersecurity standards for digital asset firms.
Related topic:
