- Coinbase violations are tracked to Taskus employees. The hacker lost $ 400 million as the hacker exploited internal sales of customer data.
- The court document has sold a fraud, litigation, and 300 employees that can be recorded, fraud, and 300 employees.
- Coinbase strengthened control after the stolen data -centered data, reduced the taskus ties, and repaid the victims.
The new court document revealed how the data violation of Coinbase, which was revealed in May 2025, began in the outsourcing customer service company.
This violation exposed very sensitive user data, including social security numbers and bank details that go back to Taskus employees.
The hacker later used this information to impersonate a coinbase employee and deceived the user to move the cryptocurrency to a fraudulent wallet.
According to Coinbase’s estimates, total losses amounted to $ 400 million.
This revelation emphasizes how to continue to weaken the security of the digital asset industry.
Taskus employees were confirmed in the data theft conspiracy.
A modified collective lawsuit filed by the US District Court in the southern New York area has been shown that this violation comes from TASKUS, a business process outsourcing company that was used for customer support.
According to the report, the crime group began to contact Taskus employees in 2024 and began to pay for very sensitive user records and payments.
In September 2024, Taskus employees, Ashita Mishra, have taken a confidential coinbase customer file and began selling them to external hackers for about $ 200 per image.
According to the court submission, when Taskus discovered a violation in January 2025, Missra’s call was found to store data for more than 10,000 customers. One day, up to 200 photos appeared.
The document describes the plot as wider than one person.
Many taskus employees worked in small groups to deliver stolen records to organized criminals.
The violation was found in early January 2025, but Taskus or Coinbase did not disclose the case until May 2025.
Coinbase violations and ransom are required.
Coinbase reported that when the violation was released in May 2025, the attackers bribed the support agent to access sensitive records. At the time, the attackers pointed out that the attackers demanded a $ 20 million ransom.
Coinbase refused to pay and announced a $ 20 million bounty for information leading to the status and prosecution of related people.
Meanwhile, the frauders used the compromised details to pretend to be a coinbase representative.
The victim was deceived by transferring assets with a control wallet.
According to the lawsuit, some customers have lost life savings and retirement funds. According to the complaints, the theft has reached $ 400 million.
The violation was also influenced by the market. Coinbase stocks have led to an additional investor lawsuit that cited financial losses by decreasing according to the release.
Inner rich network and mass organization
The lawsuit said that after Taskus identified the plot and fired about 300 employees at the Indian -based center.
According to the survey, MISHRA and accomplice proposed that they have established a small group in Taskus and collected and distributed stolen coinbase users.
Even though I learned about the violation of January 2025, Coinbase and Taskus did not immediately inform customers.
The two companies were disclosed to the Form 10-K submission, and even though the violation was already confirmed internally, I knew that I did not know the data leakage.
During the few months, the customer continued to aim for the goal of the phishing campaign and Sichuan system, increasing the impact of violations.
Coinbase response and strengthening security
Coinbase has later confirmed that he has broken his relationship with Taskus employees involved and introduced a more strict internal rich control.
According to submission and subsequent company statements, Coinbase has influenced the affected users, regulatory agencies and returned customers.
This exchange also moved to limit the remote work practices of external support staff to reduce the risk of internal threats and penetration.
The company mentioned concerns about foreign agents who want to use vulnerability through North Korean actors, social engineering and bribery.
This incident emphasizes the vulnerability of third -party outsourcing in encryption security.
Even if the exchange deploys advanced technology defense, the risk of internal risk of service providers remains an important threat vector.
In progress, the lawsuit will determine the responsibility between the Coinbase, Taskus and the employee network that enabled one of the most damaging inner violations in this sector.