Coinbase’s massive data breach was reportedly linked to an outsourcing firm operating in India.
An India-based employee of the U.S. outsourcing firm TaskUs took photos of her work computer with her personal phone but was caught, according to a new Reuters report, which cited five anonymous former TaskUs employees.
-->The woman allegedly had been paid by hackers to pass along Coinbase customer information and had a suspected accomplice.
Three of the anonymous former TaskUs employees and “a person familiar with the matter” told Reuters that Coinbase was notified right away. The “person familiar with the matter” reportedly says the security issue happened in January.
Coinbase claims it learned about the incident after receiving an email last month demanding a $20 million Bitcoin (BTC) payoff in exchange for not releasing the illegally obtained info.
The exchange says criminals bribed a small group of overseas customer support agents to copy the data of less than 1 of the firm’s monthly transacting users. A recent filing with the Maine Attorney General’s Office indicates the breach impacted 69,461 people.
Coinbase notes that hacked information includes names, addresses, phone numbers, email addresses, masked social security numbers (the last 4 digits only), masked bank-account numbers, some bank account identifiers, government-ID images, account data and limited corporate data.
The company refused to give in to the hackers’ demand and estimates it will pay $180 million to $400 million in remediation costs and voluntary customer reimbursements.
The exchange reportedly told Reuters it had “cut ties with the TaskUs personnel involved and other overseas agents, and tightened controls.”
Follow us on X, Facebook and Telegram
