Coinbase Inc. fails to protect users’ funds from unauthorized transfers, according to a new proposed class action in Georgia federal court by a man who alleges thousands of dollars worth of cryptocurrency were stolen from his account because of lax cybersecurity measures.
Coinbase’s user growth has outpaced its ability to provide the account services and protections it promises to consumers, George Kattula claims in a lawsuit filed Monday in the US District Court for the Northern District of Georgia.
In April, Kattula changed his password as requested by an email purporting to be from Coinbase, the suit alleges. After that, nearly $6,000 worth of cryptocurrency were drained from his account and transferred to unknown parties, he says.
Coinbase also allowed the hackers to withdraw $1,000 from his bank account, the lawsuit alleges.
Although Coinbase reversed the unauthorized transfer of the $1,000, it froze his account and refused to cover all the cryptocurrency that was stolen, Kattula claims.
Coinbase could have easily identified and prevented losses from the unauthorized activity, the lawsuit alleges. Several “obvious red flags” signaled suspicious activity, including that the activity was from a new IP address in a location that Kattula had never used, according to the lawsuit.
The cryptocurrency exchange platform falsely lulled Kattula and other account holders into believing their accounts were secure and insured against losses, the lawsuit claims.
Coinbase also unreasonably locks its consumers out of their accounts, either for extended periods of time or permanently, the suit alleges.
Because of the extreme volatility of cryptocurrencies’ value, the inability to access an account leads to severe financial loss for account holders, the suit says.
Kattula also challenges the arbitration clause in the cryptocurrency exchange platform’s terms of use. At least one court has already determined that the arbitration agreement is unenforceable, his suit says.
Causes of Action: Declaratory Judgment that arbitration provision is invalid; breach of fiduciary duty; breach of contract and the implied covenant of good faith and fair dealing; unjust enrichment; Georgia Fair Business Practices Act; Electronic Funds Transfer Act; negligence.
Relief: Actual and statutory damages; punitive damages; attorneys’ fees and costs; declaratory and injunctive relief; order requiring Coinbase to engage in corrective actions.
Potential Class Size: Unknown number of account holders in nationwide class.
Response: Coinbase didn’t immediately respond to a request for comment.
Attorneys: Herman Jones LLP represents Kattula and the proposed class.
The case is Kattula v. Coinbase Global, Inc., N.D. Ga., No. 1:22-cv-03250, complaint 8/15/22.