Coinbase Data Breach: Customer Records Sold for $200 Per Image

Newly launched court docket paperwork have make clear the Coinbase knowledge breach. A serious suspect has been recognized within the exploit, which the alternate revealed had impacted ‘lower than 1%’ of its month-to-month lively customers.

According to court docket paperwork, workers at a Coinbase outsourced customer support agency, TaskUs, allegedly stole delicate buyer data. This included Social Security numbers, checking account particulars, and extra.

Court Documents Reveal Insider Plot Behind Coinbase Data Breach 

The incident got here to public consideration in May 2025. At the time, Coinbase disclosed that attackers bribed rogue help brokers to entry person knowledge. BeInCrypto reported that the dangerous actors demanded a $20 million ransom. 

The exchange declined to pay it and as a substitute introduced a $20 million bounty for data that would assist determine and prosecute these behind the assault. Now, the amended class motion grievance, filed within the US District Court for the Southern District of New York, traces the breach again to TaskUs. It is a enterprise course of outsourcing firm that Coinbase used for buyer help. 

“According to personnel educated of the information breach, in 2024, prison actors started a marketing campaign of outreach to focus on and recruit TaskUs workers to affix a conspiracy to exfiltrate PII of Coinbase customers in order that these criminals may steal cryptocurrency belongings held by these customers. As early as September 2024, TaskUs worker Ashita Mishra joined the conspiracy by agreeing to promote extremely delicate Coinbase person knowledge to these criminals,” the filing reads.

Beginning in September 2024, a TaskUs worker in India, Ashita Mishra, allegedly began photographing delicate buyer information. Mishra then bought the stolen knowledge to exterior hackers for roughly $200 per picture. The breach’s extent was huge. 

When TaskUs found the breach in early January 2025, Mishra’s cellphone alone held knowledge on greater than 10,000 Coinbase clients. Records confirmed that she took as much as 200 photographs on some days.  

According to the filings, it was a wider conspiracy involving a number of TaskUs workers who funneled stolen knowledge to organized criminals. 

“Ms. Mishra and an confederate operated smaller circles of disconnected TaskUs workers who participated within the conspiracy,” the paperwork revealed.

Furthermore, the grievance highlighted that regardless of uncovering the breach in early January 2025 and firing roughly 300 workers from its India-based facilities, TaskUs and Coinbase didn’t instantly notify clients. As per the textual content, 

“Between January of 2025, once they grew to become conscious of the Data Breach, and May of 2025, TaskUs and Coinbase disclosed of their Form 10-Ks that they weren’t conscious of any materials knowledge breaches impacting their respective corporations.” 

Meanwhile, utilizing the stolen particulars, fraudsters impersonated Coinbase representatives and satisfied victims to switch cryptocurrency into fraudulent wallets. Several plaintiffs report that the breach worn out their life financial savings or retirement funds.

“The criminals utilized a regular playbook with a view to perform their scheme, efficiently stealing as a lot as $400 million from unsuspecting victims by Coinbase’s personal estimates,” the lawsuit famous.

The breach sparked widespread criticism as users reported being targeted by phishing and impersonation schemes. Furthermore, Coinbase faced a lawsuit following a decline in its inventory value, which resulted in substantial investor losses.

In the aftermath, Coinbase severed ties with implicated TaskUs personnel and applied stricter controls.

“We notified affected customers and regulators instantly, reimbursed impacted clients, tightened vendor and insider controls, and ended our relationship with TaskUs,” Coinbase advised Fortune.

To additional strengthen its defenses, Coinbase says it is tightening its remote-work policies to cut back insider threats and stop infiltration by foreign operatives, together with North Korean actors.

The Coinbase breach illustrates the size of harm that insider threats could cause within the crypto trade. Despite superior technical defenses, human vulnerabilities at third-party suppliers stay an acute threat — one which even the world’s largest exchanges battle to comprise.

The put up Coinbase Data Breach: Customer Records Sold for $200 Per Image appeared first on BeInCrypto.