American cryptocurrency exchange Coinbase has faced relentless backlash since it announced the acquisition of blockchain intelligence firm Neutrino on Feb 19, 2018.

The acquisition triggered a wave of criticism, with the cryptocurrency community on Twitter calling for the mass deletion and boycott of Coinbase accounts as a sign of protest.

Now, a Coinbase executive has reportedly gone on record to state that a previous intelligence firm hired by the exchange was caught selling customer data to third parties for a profit.

Acquiring Neutrino Was a Necessity

Coinbase’s acquisition of Neutrino generated a fair bit of controversy. This was partly because Neutrino’s founders previously led the surveillance firm Hacking Team, which was used by countries to spy on dissident individuals. A Washington Post article explicitly mentioned the involvement of Hacking Team in the murder of Saudi journalist Jamal Khashoggi.

Now, however, the Head of Sales at Coinbase, Christine Sandler, has stated that a previous provider leaked critical user data. The data was then sold to other firms, unbeknownst to Coinbase until very recently. The revelation could unlock a plethora of legal problems for Coinbase.

In 2014, Hacking Team developed software called Money Module which allowed anyone to completely access another device remotely. Attackers could potentially use it to access the device owner’s Bitcoin (BTC) wallet and monitor all crypto related emails on the host device. The governments of Egypt and Saudi Arabia reportedly expressed interest in using this software and even had state officials extend communications to Hacking Team.

As a result of these incidents, Coinbase customers and the cryptocurrency community believe that the partnership could have negative implications for the privacy of users signed up on the exchange.

The Fight for Privacy

Needless to say, the revelation made by Sandler raises many important questions and concerns. There is no exact data available on the number of users who were victims of the data breach by the previous supplier and Coinbase has yet to release an official statement on the matter.

Companies generally have a legal responsibility to inform users in the event of a data breach. Additionally, Coinbase has the option of filing a lawsuit against the concerned service provider. At this point in time, it is unclear if Coinbase has done either.

Meanwhile, Coinbase could face class action lawsuits from users for leaking their data.

As for its latest purchase of Neutrino, Coinbase continues to remain silent on the controversy.

Do you believe Coinbase has handled the data breach in an unprofessional manner? Let us know your thoughts in the comments below!