Coinbase (NASDAQ:COIN) denied a $100,000 Bitcoin (CRYPTO: BTC) theft claim from a Coinbase One subscriber, despite the $29.99-a-month service promising up to $1 million in account protection.

The Intuit CRO Who Lost $100,000

Matthew Allan, Chief Risk Officer at Intuit Inc. (NASDAQ:INTU), had nearly $100,000 in Bitcoin stolen from his Coinbase account. 

Despite paying for Coinbase One’s account protection, Coinbase told him he was out of luck because he hadn’t turned on certain security settings required by the terms and conditions.

Coinbase maintained that customers own responsibility for all account activity, even when attackers compromise their devices or credentials.

During five months of back-and-forth, Coinbase maintained that customers own responsibility for all account activity, even when attackers compromise their devices or credentials,” according to court records. 

Allan sued, a court compelled the complaint into private arbitration, and he may never have seen a dollar in compensation.

If Intuit’s Chief Risk Officer couldn’t safeguard his own crypto wallet or understand the fine print in a warranty program, what chance does anyone else have?

The $156,000 Home Invasion

A North Carolina couple suffered a home invasion in 2023 where robbers broke into their home, severely beat the wife, then forced the husband at gunpoint to give them access to his Coinbase account. 

The attackers successfully transferred $156,000 in Bitcoin and Ethereum.

Court records indicate Coinbase ultimately reimbursed the couple, though it’s unclear why.

Coinbase’s criminal insurance excludes losses when attackers force users to authorize transactions under duress, and its premium warranties blur the definition of what qualifies as an “unauthorized” transfer.

A Coinbase spokesperson said the company may choose to reimburse a loss at its sole discretion, even when its contract requires nothing.

The Fine Print Problem

Coinbase introduced account protection in 2021, advertising “reimbursement for up to $1M in losses.” 

However, an 1,800-word subsection detailed numerous exclusions: security vulnerabilities, phishing scams, and failure to use approved two-factor authentication beyond SMS codes.

Less than three years later, Coinbase replaced the program with much lower coverage limits—$1,000 for $4.99 monthly, $10,000 for $29.99 monthly, $250,000 for $299.99 monthly.

Despite the restrictions, Coinbase reported nearly 1 million paid subscriptions. Analyst Owen Lau estimates the company generated about $285 million from Coinbase One last year, roughly 4% of overall revenue.

The Rising Theft Problem

More than $2.7 billion in crypto was stolen in 2025 through hacks, up 22% from 2024, according to Chainalysis. 

“The threats are getting larger and more consistent,” said Harry Denley, who leads threat intelligence at MetaMask.

Crypto.com promises up to $1 million for “unauthorized incursion” with similar restrictions.

Additionally, MetaMask introduced a $9.99 monthly Transaction Shield service guaranteeing against losses up to $10,000, but only 55% of transactions are currently covered.

Image source: Shutterstock