Overview
- Coinbase detected the breach in January but waited until May to disclose publicly when hackers demanded $20 million in Bitcoin.
- Five India-based TaskUs support agents were bribed to photograph and funnel customer names, emails, and ID documents to external attackers.
- TaskUs reported the activity to Coinbase, fired two implicated employees, halted its Indore operations affecting 226 staff, and offered severance to others.
- The incident affected about 70,000 accounts—under 1 percent of users—and could cost Coinbase up to $400 million, triggering an SEC investigation and a shareholder lawsuit.
- Coinbase has cut ties with involved contractors, strengthened internal controls and is offering a $20 million bounty for information leading to the attackers’ arrest.