EddieJayonCrypto
3 Jun 25
In January, Coinbase was informed of a data breach involving its third-party contractor TaskUs, traced to an India-based support agent who allegedly sold user information to hackers. The breach was disclosed publicly in May after Coinbase received a $20 million Bitcoin ransom demand. Hackers accesse...
In January, Coinbase was informed of a data breach involving its third-party contractor TaskUs, months before public disclosure. The breach originated from an India-based TaskUs support agent who photographed her work screen and traded user data to hackers. TaskUs terminated two employees and suspects the breach was part of a larger coordinated attack. Coinbase publicly disclosed the breach in May after receiving a $20 million Bitcoin ransom demand. Hackers accessed customer names, addresses, masked bank details, and identity documents, but no funds or passwords were compromised. Multiple contractors or employees in support roles were paid by attackers for internal data access, which Coinbase's security monitoring had detected. Coinbase refused to pay the ransom; CEO Brian Armstrong offered a $20 million bounty for information leading to arrests. Less than 1% of Coinbase users were affected. The company severed relationships with involved contractors and enhanced internal controls. The breach prompted a shareholder lawsuit accusing Coinbase of delayed disclosure and regulatory concealment. Coinbase's stock initially fell 7% following disclosure but later rebounded, supported by its inclusion in the S&P 500. This incident highlights ongoing risks linked to third-party contractors and underscores the importance of robust internal security measures in cryptocurrency firms.