Indian contractor TaskUs employee leaked Coinbase customer data
Date: 2025-06-03 Author: Oliver Abernathy Categories: BUSINESS
In January 2025, Coinbase was notified of a major data breach involving its contractor TaskUs in India. According to Reuters, the incident was part of a larger cyberattack campaign that caused damage worth about $400 million.
The investigation began after an employee of the TaskUs office in India was caught taking a photo of her work screen with her personal phone. According to five former employees of the company, the incident was recorded in the city of Indore. Three sources said that Coinbase was immediately informed about the incident.
The employee and an accomplice may have reportedly passed personal data of Coinbase customers to the attackers in exchange for bribes. Shortly after the incident, more than 200 people were fired from TaskUs. While the layoffs were attributed to layoffs, Indian media reported on January 11 that they were directly related to a data breach.
The new information, made public in a lawsuit filed in Manhattan federal court, raises questions about when Coinbase learned of the breach. The company’s May 15 SEC filing said contractors had been accessing personal data for months, but it wasn’t until it received a blackmail letter on May 11 that Coinbase realized it was being targeted.
Coinbase says it terminated its work with the TaskUs employees and other overseas contractors involved and stepped up security measures immediately after discovering the breach. TaskUs, for its part, confirmed that two employees were fired earlier this year for improperly accessing data from an unnamed client.
However, a source familiar with the investigation confirmed that Coinbase was the client. According to a legal notice sent by the exchange to the Maine Attorney General's Office, the incident occurred on December 26, 2024, but was only discovered on May 11, 2025. The leak affected the personal data of 69,461 platform users.
