Particle.news

Download on the App Store

Coinbase Cuts Ties With Bribed TaskUs Agents and Announces $20 Million Bounty

Working with law enforcement, the exchange has overhauled its security protocols after outsourced support staff in India exfiltrated customer data, with the perpetrators then attempting to extort the company.

A representation of the cryptocurrency is seen in front of the Coinbase logo in this illustration taken on March 4, 2022. REUTERS/Dado Ruvic/Illustration/File Photo
Image

Overview

  • Coinbase detected the breach in January but waited until May to disclose publicly when hackers demanded $20 million in Bitcoin.
  • Five India-based TaskUs support agents were bribed to photograph and funnel customer names, emails, and ID documents to external attackers.
  • TaskUs reported the activity to Coinbase, fired two implicated employees, halted its Indore operations affecting 226 staff, and offered severance to others.
  • The incident affected about 70,000 accounts—under 1 percent of users—and could cost Coinbase up to $400 million, triggering an SEC investigation and a shareholder lawsuit.
  • Coinbase has cut ties with involved contractors, strengthened internal controls and is offering a $20 million bounty for information leading to the attackers’ arrest.