Coinbase breach linked to customer data leak in India, sources say
2025-06-03 16:03:15 Reading

  • Coinbase breach partly linked to TaskUs employees in India
  • Sources say contractor was caught taking pictures of data on her phone
  • Disclosure raises queries about when Coinbase discovered breach

WASHINGTON, June 2 (Reuters) - Cryptocurrency exchange Coinbase knew as far back as January about a customer data leak at an outsourcing company connected to a larger breach estimated to cost up to $400 million, six people familiar with the matter told Reuters.

At least one part of the breach, publicly disclosed in a, opens new tabMay 14 SEC filing, opens new tab, occurred when an India-based employee of the U.S. outsourcing firm TaskUs was caught taking photographs of her work computer with her personal phone, according to five former TaskUs employees.

Make sense of the latest ESG trends affecting companies and governments with the Reuters Sustainable Switch newsletter. Sign up here.

Three of the employees and a person familiar with the matter said Coinbase was notified immediately.

The ex-employees said they were briefed on the matter by company investigators or colleagues who witnessed the incident in the Indian city of Indore, noting that the woman and a suspected accomplice were alleged to have been feeding Coinbase customer information to hackers in return for bribes.

The ex-employees and person familiar with the matter said more than 200 TaskUs employees were soon fired in a mass layoff that drew Indian media attention, opens new tab.

Coinbase had previously blamed "support agents overseas" for the breach, which it estimated could cost up to $400 million.  

Although the link between TaskUs and the breach was previously alleged in a lawsuit filed last week, opens new tabin federal court in Manhattan, details of the incident, reported here for the first time, raise further questions over when Coinbase first learned of the incident.

Coinbase said in the May SEC filing that it knew contractors accessed employee data "without business need" in "previous months." Only when it received an extortion demand on May 11 did it realize that the access was part of a wider campaign, the company said.  

In a statement to Reuters on Wednesday, Coinbase said the incident was recently discovered and that it had "cut ties with the TaskUs personnel involved and other overseas agents, and tightened controls."

Coinbase did not disclose who the other foreign agents were.

TaskUs said in a statement that two employees had been fired early this year after they illegally accessed information from a client, which it did not identify.

Disclaimer: This specification is preliminary and is subject to change at any time without notice. CryptoCNN assumes no responsibility for any errors contained herein.

Recommended reading
Robinhood completes $200M acquisition of crypto exchange Bitstamp
Michael Saylor’s Strategy offers $250M preferred stock to buy more Bitcoin
Coinbase Ventures:The Rise of Onchain AI: Agents, Apps, and Commerce
Bitcoin Slips Below $104K, Cryptos Slide as U.S.-China Tariff Tensions Flare Up
Two Ways This Bitcoin Bull Market Is Sturdier Than 2020-21 and 2017
Trump's Memecoin Dinner Questioned by Top Democrat on House Judiciary Committee

Copyright © CryptoCNN