Ddos 
The U.S.-listed cryptocurrency exchange Coinbase recently announced that Indian police have once again arrested a former employee suspected of accepting bribes in exchange for handing over customer records to criminal groups. The individual was a customer support agent recruited in India as part of Coinbase’s outsourced support team and had authorized access to a wide range of sensitive customer information.
Outsourcing technical support engineers or customer service staff to India—or establishing dedicated support offices there—is a common practice among U.S. companies. The rationale is straightforward: lower labor costs combined with widespread English proficiency significantly reduce overall operating expenses.
The problem, however, is that such employees do not always adhere to legal or ethical standards. In May 2025, Coinbase disclosed a major data breach that began in December 2024. The incident was not the result of an external cyberattack, but rather of insiders within an outsourcing firm acting as moles and supplying hackers with information. Armed with sensitive customer data, the attackers then launched social engineering campaigns to steal assets from user accounts.
The recently arrested former employee worked at the Indian office of Coinbase’s vendor TaskUs. Their role involved providing customer support and included access to customers’ names, addresses, phone numbers, email addresses, identity documents, account data, partially masked Social Security numbers (SSNs), and banking information.
Investigators found that hackers initially bribed these employees to obtain sensitive data. The inquiry revealed that approximately 70,000 customers’ records were compromised. The attackers subsequently attempted to extort Coinbase, demanding a ransom of up to $20 million in exchange for not releasing or misusing the stolen data.
Coinbase refused to pay the ransom and initiated a sweeping internal review of the office’s support staff and engineers. During the initial investigation, two employees were identified, admitted to selling user data to hackers for financial gain, and were dismissed. However, it later became clear that the number of individuals involved far exceeded just those two.
Coinbase’s CEO commented on X (formerly Twitter), stating, “Another one down, and more to come,” suggesting that additional former employees are likely to be identified and arrested. Indian authorities are currently continuing their search for other individuals implicated in the case.
Separately, the exchange’s customer support has long been the subject of criticism. Users have frequently complained that reports of stolen funds were met with silence or inaction. In hindsight, it appears increasingly plausible that some of the outsourced staff were aware of the underlying causes of these incidents—and chose to selectively ignore them.
Related Posts:
- Coinbase Data Breach: 69,000 Customers’ Info Leaked Via Third-Party
- Coinbase Announces Coinbase Open Source Fund
- Coinbase flaws allow a user to change Ethereum account balance
- Social Engineering Attack: Coinbase Customer Data Stolen, 70K Users Affected
- Beyond the Breach: Coinbase Cracks Down on Remote Work to Stop Hackers
Donate