69,000 Victims, $200 per Photo: India Employee Tied to Coinbase Data Leak

The post 69,000 Victims, $200 per Photo: India Employee Tied to Coinbase Data Leak appeared first on Coinpedia Fintech News

Newly unsealed court filings and state records reveal details about a massive data breach at Coinbase, one of the world’s largest cryptocurrency exchanges. The incident, traced to an employee of Coinbase’s customer service contractor TaskUs, exposed sensitive data of more than 69,000 customers and led to losses estimated as high as $400 million.

Insider Breach and Criminal Scheme

According to the filings, TaskUs employee Ashita Mishra stole Coinbase user data starting in December 2024. Using her personal phone, she allegedly photographed Social Security numbers, bank account details, and government IDs from Coinbase accounts. She then sold these images to hackers for $200 each.

Hackers used the stolen information to impersonate Coinbase staff in calls and emails, tricking users into transferring funds. Some customers lost their entire retirement savings, the documents say.

The breach was discovered on May 11, 2025, but Coinbase did not notify affected users until May 30, 2025. By then, attackers had already drained many accounts.

State Breach Notification Filing

Coinbase confirmed the scope of the incident in a Data Breach Notification filed with Maine regulators:

• Total individuals affected: 69,461
  
• Maine residents affected: 217
  
• Breach date: December 26, 2024
  
• Discovery date: May 11, 2025
  
• Cause: Insider wrongdoing
  
• Notification method: Written notice, sent May 30, 2025
  
• Identity protection services: One year of free credit monitoring and identity restoration from IDX, including a $1 million insurance policy and dark web monitoring
  

The filing was submitted by Michael Rubin, an attorney at Latham & Watkins LLP, acting as outside counsel for Coinbase.

Alleged Cover-Up by TaskUs

The lawsuit claims TaskUs learned of the misconduct in January 2025 but sought to contain the damage by firing more than 300 employees and dissolving its internal investigation team instead of disclosing the breach. Plaintiffs accuse TaskUs of negligence, fraud, and breach of contract.

While TaskUs initially downplayed the breach as the work of “two individuals,” investigators allege the scheme involved a wider network of employees and supervisors.

Coinbase Response

Coinbase has cut ties with the implicated TaskUs staff and said that “rogue overseas support agents” were to blame. The exchange has offered free identity protection services to all affected customers and pledged to tighten internal controls.

Still, victims remain at risk. The lawsuit also said that fraud attempts continue, and some customers fear physical harm now that home addresses and bank details have been exposed.