Ddos 
Coinbase, the premier U.S.-based cryptocurrency exchange and a publicly traded company on Nasdaq, recently experienced a significant data breach that compromised the personal information of approximately 69,000 customers. The leaked data includes, but is not limited to, full names, residential addresses, phone numbers, contact details, images of government-issued identification documents, and account balances—both general and specific to Coinbase.
Armed with such detailed information, malicious actors are well-positioned to orchestrate sophisticated social engineering attacks. In more extreme cases, they could resort to physical threats, including kidnapping high-net-worth individuals. For affected investors, peace of mind is elusive unless they completely change all contact information and relocate.
The investigation into the breach remains ongoing. According to a Reuters report, the incident was traced back to an external contractor of Coinbase—TaskUs, a U.S.-based outsourcing firm with operational offices in India, where staff are recruited to provide customer support.
The breach was originally discovered in January 2025, when a TaskUs employee was caught using a personal device to photograph sensitive data displayed on a work terminal. Multiple colleagues witnessed the act, prompting an internal probe. TaskUs’s investigation revealed that at least two employees had confessed to leaking confidential Coinbase user data to external threat actors in exchange for bribes.
Although Coinbase became aware of the breach early on, the company did not publicly disclose the incident until May 2025. During that time, the perpetrators reportedly demanded a $20 million ransom from Coinbase in exchange for withholding the stolen data. Coinbase declined to comply with the extortion attempt.
Cybersecurity outlet BleepingComputer reached out to both Coinbase and TaskUs for further comment. TaskUs confirmed the accuracy of the Reuters report, emphasizing that the implicated employees were recruited as part of a broader, well-organized criminal syndicate.
A spokesperson for TaskUs stated that this criminal operation has impacted multiple vendors serving Coinbase, suggesting that the scale of the data breach may far exceed the initially reported figure of 69,000 customers. There may be additional instances of data compromise that remain undisclosed or have yet to be identified.
In response to the incident, TaskUs immediately shut down all Coinbase-related operations at its Indore facility in India. The two offending employees were terminated and handed over to law enforcement authorities. The remaining 224 team members were offered generous severance packages and six months of paid leave before also being let go—an action that sparked protests among the affected workers and attracted coverage in Indian media. At the time, the reason behind the mass dismissal was not yet publicly known.
Related Posts:
- Coinbase Announces Coinbase Open Source Fund
- Coinbase flaws allow a user to change Ethereum account balance
- Social Engineering Attack: Coinbase Customer Data Stolen, 70K Users Affected
- Coinbase notifies 13,000 users that the IRS will get their data
Donate