Coinbase, a popular cryptocurrency exchange, was reportedly aware of a customer data leak as early as January, months before publicly disclosing the breach. The leak was traced back to TaskUs, a US-based outsourcing provider with operations in India. The breach involved a female employee at TaskUs’ Indore office who was allegedly caught taking photos of her work computer with a personal mobile phone.
Former TaskUs employees were briefed on the breach by company investigators or learned about it from coworkers who witnessed the incident. Coinbase was notified immediately, but did not respond to requests for comments.
The breach at TaskUs was linked to a hack on Coinbase, where the female employee and a suspected accomplice were accused of selling customer data to hackers in exchange for bribes. The breach, which compromised the information of nearly 70,000 users, included customer names, phone numbers, addresses, ID documents, account balances, transaction history, and internal company documents.
In the aftermath, over 200 TaskUs employees were reportedly fired, drawing local press coverage in India. TaskUs confirmed that two employees were dismissed for illegally accessing client data, although they did not specifically name Coinbase.
Coinbase disclosed in a May SEC filing that contractors had accessed internal employee data without a business need in previous months. The breach became apparent after an extortion demand on May 11, where hackers demanded $20 million in exchange for not leaking the stolen data. Coinbase refused to pay the ransom and instead offered a $20 million bounty for information leading to the perpetrators.
As a response, Coinbase terminated the TaskUs personnel involved, cut ties with other overseas agents, and implemented stricter controls. The breach, which began with unauthorized access in December 2024, has raised concerns about the security of outsourced customer support operations. Coinbase estimates the financial impact of the breach to be between $180 million and $400 million.
The exchange is now facing investor lawsuits alleging substantial losses and damages due to misleading statements regarding the breach. The incident highlights the importance of data security and the risks associated with outsourcing sensitive operations.