- Coinbase’s data breach originated from TaskUs employees in India sharing customer data with hackers.
- The breach was detected in January but publicly disclosed in May after an extortion demand.
- Over 200 TaskUs employees were fired, and Coinbase has cut ties with implicated personnel.
According to a recent report by Reuters, the cryptocurrency exchange Coinbase faced a data breach, which has been connected to an India-stationed outsourcing company. The breach, which went public in May, involved access to customer credentials that reportedly began in January. Coinbase announced that the incident could cost Coinbase up to $400 million to improve its security to avoid future breaches like that.
Incident Details and Immediate Response
The breach occurred when an employee of TaskUs, a U.S.-based outsourcing firm with operations in India, was caught photographing her work computer screen with a personal phone. The employee worked in the Indian city of Indore. Multiple former TaskUs employees confirmed that the woman and a suspected accomplice allegedly shared Coinbase customer information with hackers in exchange for bribes.
Sources said the exchange received immediate notification about the breach. Company investigators and colleagues who witnessed the incident briefed some TaskUs employees about the case. Following the discovery, TaskUs terminated over 200 employees in a mass layoff that attracted local media attention.
Coinbase first reported the breach publicly on May 14 through an SEC filing. The company acknowledged unauthorized access by overseas support agents but did not initially specify TaskUs as the source. The filing mentioned that Coinbase became aware of contractors accessing employee data “without business need” in “previous months.” The company linked the breach to a wider campaign only after receiving an extortion demand on May 11.
In a statement to Reuters, the company said it recently uncovered the full scope of the incident. The company severed ties with the involved TaskUs personnel and other unnamed overseas agents. It also strengthened control measures following the breach.
TaskUs’ Statement and Investigation Status
TaskUs confirmed firing two employees earlier this year for illegally accessing client information. The company did not name the exchange initially, but reported the activity to the affected client. TaskUs described the fired workers as part of a broader, coordinated criminal campaign targeting the client and its service providers.
The person familiar with the matter verified that Coinbase was the affected client and that the incident took place in January. Authorities in Indore have not commented on arrests or ongoing investigations. This breach raises questions about the timeline of disclosure and Coinbase’s early awareness of the issue.
The link between TaskUs employees and the customer data leak adds complexity to the case. More details could emerge as investigations proceed, but Coinbase’s estimated financial impact stands near $400 million. The incident highlights vulnerabilities in outsourcing arrangements, especially when handling sensitive customer data across international locations. Coinbase’s response includes cutting ties with implicated agents and enhancing controls to prevent future breaches.
Earn more PRC tokens by sharing this post. Copy and paste the URL below and share to friends, when they click and visit Parrot Coin website you earn: https://parrotcoin.net0
PRC Comment Policy
Your comments MUST BE constructive with vivid and clear suggestion relating to the post.
Your comments MUST NOT be less than 5 words.
Do NOT in any way copy/duplicate or transmit another members comment and paste to earn. Members who indulge themselves copying and duplicating comments, their earnings would be wiped out totally as a warning and Account deactivated if the user continue the act.
Parrot Coin does not pay for exclamatory comments Such as hahaha, nice one, wow, congrats, lmao, lol, etc are strictly forbidden and disallowed. Kindly adhere to this rule.
Constructive REPLY to comments is allowed