Reuters reported Coinbase learned in January that an outsourcing firm’s employee may have exposed customer data—months before the exchange disclosed the breach.
According to reports, Coinbase was notified in January that an outsourcing firm employee might have exposed user data months before the company made the situation public last month.
According to Reuters on June 3, which cited five former TaskUs employees, an employee in India who worked for the outsourcing company TaskUs was found using her phone to take images of her work computer. This data was part of the breach, which Coinbase officially revealed in a regulatory filing on May 14.
The former workers learned that the employee, along with a potential accomplice, allegedly traded Coinbase customers’ information for cash with hackers. Reports indicate that Coinbase immediately became aware of the issue.
In a complaint filed in Manhattan on May 27, TaskUs, a U.S. outsourcing company with operations in India, was accused of managing Coinbase’s customer service.
A mass layoff of more than 200 TaskUs workers in January sparked demonstrations and attracted notice from the Indian media. However, the primary perpetrators of the hack, which affected over 70,000 clients, were only two particular workers.
“Cut ties with the TaskUs personnel involved and other overseas agents and tightened controls,” Coinbase told the outlet.
After hackers released customer data in mid-May, Coinbase publicly announced its decision to reject a $20 million ransom demand.
In 2022, TaskUs was charged with a crypto data breach.
When Shopify and TaskUs were sued in 2022 for allegedly failing to protect client data resulting from a breach of the servers of cryptocurrency wallet creator Ledger two years earlier, TaskUs was accused of a crypto-related data leak.
According to the lawsuit, Shopify and TaskUs knew about the data leak for over a week before informing customers.
Following the hack and release of the personal information of hundreds of thousands of hardware wallet owners, Ledger customers continue to fall prey to scams and phishing attempts.
