Overview
- Coinbase CEO Brian Armstrong said on December 26 that Hyderabad Police arrested a former customer-service agent, adding that further arrests are expected.
- Coinbase previously disclosed that bribed overseas support staff copied customer records and that attackers later tried to extort $20 million, which the company refused to pay.
- The stolen data included names, dates of birth, contact details, and in some cases KYC documents, while wallets, private keys, passwords, and 2FA codes were not compromised.
- Coinbase identified outsourcing vendor TaskUs as the channel used in the breach, and TaskUs said two employees were involved and that it shut the affected 226-person department.
- Coinbase and prosecutors also pursued a separate case in Brooklyn against an alleged impersonation scammer accused of stealing about $16 million, which the company says is unrelated to the insider-assisted breach.