On March 7, Bloomberg reported that Coinbase had refused to accept responsibility or refund a hacking victim. The company responded to an account holder who lost $96,000 last year in a court filing on Monday, March 6.
According to the victim, Jared Ferguson from New York, the company emailed him stating it was his fault, not theirs: “Please note you are solely responsible for the security of your e-mail, your passwords, your 2FA codes, and your devices,” Ferguson sued Coinbase over losses resulting from a security breach in May 2022. “Coinbase’s email disclaimed any responsibility for the hacking of its customers’ accounts,” he stated.
The victim claims he received an SMS message from his mobile carrier regarding a SIM card change request he didn’t make. When he restored service to his device the following day, he discovered that his Coinbase account had been drained. Furthermore, it contained almost his entire life savings.
Ferguson claims that under state and federal laws, Coinbase bears responsibility for unauthorized withdrawals. Nevertheless, America’s multi-billion dollar crypto exchange thinks otherwise.
The case hinges on Coinbase’s security procedure failing to flag and hold “obviously fraudulent and unauthorized transactions,” according to the plaintiff. He claims a new device drained the account in less than eight hours. Furthermore, this occurred immediately after his password was reset from an IP address not previously associated with his account.
In 2021, a separate victim lost $7,200 from a Coinbase account in a SIM swap attack. Again, the company refused to reimburse the losses. Although it is the industry leader in the United States, Coinbase has often been criticized for its lack of customer support. However, it should also be noted that mainstream media outlets such as Bloomberg have been targeting crypto exchanges recently.
In a related development, Coinbase CEO Brian Armstrong has hinted that its new layer-2 network could be subject to anti-money laundering measures. Speaking to Bloomberg Radio on March 6, Armstrong said that Base would initially be centralized with transaction monitoring. He said:
“I think that the centralized actors are the ones that are probably going to have the most responsibility to avoid money laundering issues and having transaction monitoring programs and things like that.”
The base is the firm’s new layer-2 network that it aims to use to onboard 1 billion web3 users. It was launched as a testnet on Feb. 23 and is expected to be deployed to mainnet in Q2, 2023. The company’s stock price fell 2.7% on the day, with COIN changing hands for $62.85 in after-hours trading.