According to a Reuters investigation, Coinbase was notified in January 2025 of a violation involving an outsourced customer support agent in India. Six people familiar with the issue told the report a few months before the official announcement in May that the crypto exchange knew that sensitive user data had been compromised through contractor Taskus.
In a May 14 SEC filing, Taskus documented one section of the violation where an employee who is now an indava of Taskus was caught taking photos of a working computer screen on a personal phone. Five of the former Taskus workers confirmed that the employee and suspected accomplice were allegedly acquired bribes by hackers. Coinbase user data.
Coinbase Warned immediately, 3 employees and 1 additional source I said. Shortly afterwards, more than 200 employees were fired from Indore’s Tasks Centre, attracting media attention in India. Initially, Coinbase denounced “overseas support agents,” but now estimates that violations could cost up to $400 million.
Inside a campaign to exploit Coinbase’s BPO network
Coinbase has long partnered with Texas-based outsourcing company Taskus to reduce labor costs by assigning customer support obligations to offshore teams. Since 2017, Taskus agents have handled inquiries from Coinbase customers, often from low wage countries. In Indore, India, These agents reportedly earn between $500 and $700 a month, low enough to attract criminals.
In its May filing, Coinbase admitted it had no knowledge of the full scale of the attack until May 11, when it received $20 million in fearful tor demand. In response, the company cut ties with Taskus employees responsible for the violations with several other unnamed foreign contractors. Coinbase also notified regulators, reimbursed affected users and said it had strengthened internal controls.
Taskus confirmed in an official statement that two staff members were fired due to theft of data, but did not name Coinbase. The company said the two were part of a coordinated criminal campaign that struck other service providers tied to clients.
Coinbase’s Crypto wallet was not directly compromised in the attack. Instead, hackers used stolen personal information to impersonate Coinbase employees in a wave of social engineering fraud. They pretended to be support agents and tricked the victim into moving the crypto assets.
Security researchers believe a loosely organized group known as “comms” has adjusted the violation. The group is made up of young hackers who have carried out famous attacks, one of their hits being casinos and crypto companies.
Report by luck He also said that the hackers played different roles for their members. Some bribery stole data and others carried out the scam. I used social media platforms such as Telegram and Discord to coordinate operations and split revenue.
Investigators said the impersonation scheme was more effective as people targeted at Coinbase customers spoke in fluent North American English. Scammers were able to leverage the stolen information to appear reliable enough for users to turn the code over.
Even after the violation, Coinbase is increasing its operations. The company was recently added to the S&P 500 Index and recently made a strategic acquisition announcement. CEO Brian Armstrong said he still intends to make Coinbase a major one Global Financial Services App Within the next 10 years.
Coinbase attacks are born amid a great growth Crypto Hack The chain analysis highlights the risks of outsourcing and the increased digital sophistication of attackers by over $2.2 billion by 2024.
Your Crypto News is worthy of attention – Key Difference Wire Place you on over 250 top sites
