ExchangeDEX+
Buy CryptoMarketsSpotFuturesBTCEarnEvents
More
Coinbase breach traced to TaskUs staff; $400M lost as hackers exploited insider-sold customer data. Court docs show TaskUs workers sold records, triggering scams, lawsuits, and 300 employee firings. Coinbase tightened controls, cut TaskUs ties, and reimbursed victims after insider-driven data theft. New court documents have revealed how a data breach at Coinbase, which came to […] The post Coinbase insider breach linked to $400 million crypto theft, court files reveal appeared first on CoinJournal.Coinbase breach traced to TaskUs staff; $400M lost as hackers exploited insider-sold customer data. Court docs show TaskUs workers sold records, triggering scams, lawsuits, and 300 employee firings. Coinbase tightened controls, cut TaskUs ties, and reimbursed victims after insider-driven data theft. New court documents have revealed how a data breach at Coinbase, which came to […] The post Coinbase insider breach linked to $400 million crypto theft, court files reveal appeared first on CoinJournal.

Coinbase insider breach linked to $400 million crypto theft, court files reveal

Author: Coin JournalSource: Coin Journal
2025/09/17 20:19
  • Coinbase breach traced to TaskUs staff; $400M lost as hackers exploited insider-sold customer data.
  • Court docs show TaskUs workers sold records, triggering scams, lawsuits, and 300 employee firings.
  • Coinbase tightened controls, cut TaskUs ties, and reimbursed victims after insider-driven data theft.

New court documents have revealed how a data breach at Coinbase, which came to light in May 2025, originated from inside an outsourced customer service firm.

The breach, traced back to TaskUs employees, exposed highly sensitive user data, including Social Security numbers and bank details.

Hackers later used this information to impersonate Coinbase staff and trick users into transferring cryptocurrency into fraudulent wallets.

By Coinbase’s estimates, the total losses reached $400 million.

The revelations highlight how insider threats at third-party providers continue to undermine security in the digital asset industry.

TaskUs employee identified in data theft conspiracy

The amended class action complaint, filed in the US District Court for the Southern District of New York, shows that the breach stemmed from TaskUs, a business process outsourcing company Coinbase used for customer support.

According to the filings, criminal groups began contacting TaskUs employees in 2024, offering payments in exchange for highly sensitive user records.

From September 2024, TaskUs employee Ashita Mishra allegedly started photographing confidential Coinbase customer files and selling them to external hackers for about $200 per image.

Court filings revealed Mishra’s phone stored data on more than 10,000 customers when TaskUs discovered the breach in January 2025. Some days showed up to 200 photographs taken.

The documents describe the plot as wider than one individual.

Multiple TaskUs employees reportedly collaborated in smaller groups, forwarding stolen records to organised criminals.

The breach was uncovered in early January 2025, yet neither TaskUs nor Coinbase disclosed the incident until May 2025.

Coinbase breach scale and ransom demands

When the breach became public in May 2025, Coinbase reported that attackers had bribed support agents to gain access to sensitive records. Reports at the time noted that the attackers demanded a $20 million ransom.

Coinbase declined to pay and instead announced a $20 million bounty for information leading to the identification and prosecution of those involved.

Meanwhile, fraudsters used the compromised details to impersonate Coinbase representatives.

Victims were tricked into transferring assets into wallets controlled by criminals.

According to the lawsuit, several customers lost their life savings and retirement funds. The complaint notes that the stolen funds reached as much as $400 million.

The breach also had market repercussions. Coinbase stock declined following the disclosure, leading to further investor lawsuits citing financial losses.

Insider networks and mass layoffs

The lawsuit revealed that TaskUs fired about 300 employees at its India-based centres after identifying the conspiracy.

Investigations suggested that Mishra and an accomplice had established smaller groups within TaskUs to gather and distribute stolen Coinbase user records.

Despite becoming aware of the breach in January 2025, Coinbase and TaskUs did not notify customers immediately.

Both firms disclosed in their Form 10-K filings that they were not aware of any material data breaches, even though the breach had already been identified internally.

During the months of silence, customers continued to be targeted by phishing campaigns and impersonation schemes, escalating the impact of the breach.

Coinbase response and tightening of security

Coinbase has since confirmed that it severed ties with the implicated TaskUs staff and has introduced stricter insider controls.

According to filings and subsequent company statements, Coinbase notified affected users, regulators, and reimbursed impacted customers.

The exchange also moved to limit remote work practices for external support staff, aiming to reduce risks of insider threats and infiltration.

The company referenced concerns about foreign operatives, including North Korean actors, attempting to exploit vulnerabilities through social engineering and bribery.

The case highlights the vulnerabilities of third-party outsourcing in crypto security.

Even as exchanges deploy advanced technical defences, insider risks at service providers remain a critical threat vector.

The ongoing lawsuit will determine accountability between Coinbase, TaskUs, and the networks of employees who enabled one of the most damaging insider breaches in the sector.

The post Coinbase insider breach linked to $400 million crypto theft, court files reveal appeared first on CoinJournal.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

Google's AP2 protocol has been released. Does encrypted AI still have a chance?

Google's AP2 protocol has been released. Does encrypted AI still have a chance?

Following the MCP and A2A protocols, the AI Agent market has seen another blockbuster arrival: the Agent Payments Protocol (AP2), developed by Google. This will clearly further enhance AI Agents' autonomous multi-tasking capabilities, but the unfortunate reality is that it has little to do with web3AI. Let's take a closer look: What problem does AP2 solve? Simply put, the MCP protocol is like a universal hook, enabling AI agents to connect to various external tools and data sources; A2A is a team collaboration communication protocol that allows multiple AI agents to cooperate with each other to complete complex tasks; AP2 completes the last piece of the puzzle - payment capability. In other words, MCP opens up connectivity, A2A promotes collaboration efficiency, and AP2 achieves value exchange. The arrival of AP2 truly injects "soul" into the autonomous collaboration and task execution of Multi-Agents. Imagine AI Agents connecting Qunar, Meituan, and Didi to complete the booking of flights, hotels, and car rentals, but then getting stuck at the point of "self-payment." What's the point of all that multitasking? So, remember this: AP2 is an extension of MCP+A2A, solving the last mile problem of AI Agent automated execution. What are the technical highlights of AP2? The core innovation of AP2 is the Mandates mechanism, which is divided into real-time authorization mode and delegated authorization mode. Real-time authorization is easy to understand. The AI Agent finds the product and shows it to you. The operation can only be performed after the user signs. Delegated authorization requires the user to set rules in advance, such as only buying the iPhone 17 when the price drops to 5,000. The AI Agent monitors the trigger conditions and executes automatically. The implementation logic is cryptographically signed using Verifiable Credentials (VCs). Users can set complex commission conditions, including price ranges, time limits, and payment method priorities, forming a tamper-proof digital contract. Once signed, the AI Agent executes according to the conditions, with VCs ensuring auditability and security at every step. Of particular note is the "A2A x402" extension, a technical component developed by Google specifically for crypto payments, developed in collaboration with Coinbase and the Ethereum Foundation. This extension enables AI Agents to seamlessly process stablecoins, ETH, and other blockchain assets, supporting native payment scenarios within the Web3 ecosystem. What kind of imagination space can AP2 bring? After analyzing the technical principles, do you think that's it? Yes, in fact, the AP2 is boring when it is disassembled alone. Its real charm lies in connecting and opening up the "MCP+A2A+AP2" technology stack, completely opening up the complete link of AI Agent's autonomous analysis+execution+payment. From now on, AI Agents can open up many application scenarios. For example, AI Agents for stock investment and financial management can help us monitor the market 24/7 and conduct independent transactions. Enterprise procurement AI Agents can automatically replenish and renew without human intervention. AP2's complementary payment capabilities will further expand the penetration of the Agent-to-Agent economy into more scenarios. Google obviously understands that after the technical framework is established, the ecological implementation must be relied upon, so it has brought in more than 60 partners to develop it, almost covering the entire payment and business ecosystem. Interestingly, it also involves major Crypto players such as Ethereum, Coinbase, MetaMask, and Sui. Combined with the current trend of currency and stock integration, the imagination space has been doubled. Is web3 AI really dead? Not entirely. Google's AP2 looks complete, but it only achieves technical compatibility with Crypto payments. It can only be regarded as an extension of the traditional authorization framework and belongs to the category of automated execution. There is a "paradigm" difference between it and the autonomous asset management pursued by pure Crypto native solutions. The Crypto-native solutions under exploration are taking the "decentralized custody + on-chain verification" route, including AI Agent autonomous asset management, AI Agent autonomous transactions (DeFAI), AI Agent digital identity and on-chain reputation system (ERC-8004...), AI Agent on-chain governance DAO framework, AI Agent NPC and digital avatars, and many other interesting and fun directions. Ultimately, once users get used to AI Agent payments in traditional fields, their acceptance of AI Agents autonomously owning digital assets will also increase. And for those scenarios that AP2 cannot reach, such as anonymous transactions, censorship-resistant payments, and decentralized asset management, there will always be a time for crypto-native solutions to show their strength? The two are more likely to be complementary rather than competitive, but to be honest, the key technological advancements behind AI Agents currently all come from web2AI, and web3AI still needs to keep up the good work!
Share
PANews2025/09/18 07:00
Zama to Conduct Sealed-Bid Dutch Auction Using Encryption Tech

Zama to Conduct Sealed-Bid Dutch Auction Using Encryption Tech

Zama unveils innovative public token auction, using proprietary encryption. Bidding begins January 21, 2026. Key details on protocol and market impact.Read more
Share
Coinstats2026/01/20 18:13
Fed Finally Cuts Interest Rates – Crypto Boom is About to Begin

Fed Finally Cuts Interest Rates – Crypto Boom is About to Begin

The federal funds rate now stands in a range of 4.00% to 4.25%, a level that reflects a delicate balancing […] The post Fed Finally Cuts Interest Rates – Crypto Boom is About to Begin appeared first on Coindoo.
Share
Coindoo2025/09/18 02:01

Trending News

More

Google's AP2 protocol has been released. Does encrypted AI still have a chance?

Zama to Conduct Sealed-Bid Dutch Auction Using Encryption Tech

Fed Finally Cuts Interest Rates – Crypto Boom is About to Begin

This U.S. politician’s suspicious stock trade just returned over 200% in weeks

Why Families Are Choosing Big Heart ABA in Virginia

Quick Reads

More

Mobile DePIN Revolution: How SKR + Seeker Unlock 2x Rewards in 2026

Seeker Phone ROI Calculator: Can the SKR Airdrop Cover Your $500 Purchase Cost?

Hidden Benefits of Holding SKR: Complete 2026 Solana Mobile Ecosystem Airdrop Guide

Seeker (SKR) Deep Dive 2026: The Revolutionary Token Powering Solana's Mobile Ecosystem

BEEG Price Prediction Q1 2026: Will Blue Whale Token Break All-Time High? In-Depth Investment Analysis

Crypto Prices

Bitcoin Logo

Bitcoin

BTC

$91,165.99
$91,165.99$91,165.99

-2.04%

Ethereum Logo

Ethereum

ETH

$3,107.07
$3,107.07$3,107.07

-3.38%

Solana Logo

Solana

SOL

$129.20
$129.20$129.20

-3.24%

XRP Logo

XRP

XRP

$1.9329
$1.9329$1.9329

-2.44%

Binance Coin Logo

Binance Coin

BNB

$914.41
$914.41$914.41

-1.17%