$400M Coinbase Breach Saw Hacker Steal Customer IDs and Account Info

Court filings have revealed new details about the Coinbase data breach discovered earlier this year, pointing to a single overseas customer support worker in India as the starting point of the leak.

Good to Know

• Over 69,000 people were impacted, according to a filing with the Maine Attorney General’s Office.
• The breach may cost Coinbase between $180M and $400M in reimbursements and remediation.
• Coinbase has since cut ties with TaskUs personnel and tightened its security controls.

Investigators allege that Ashita Mishra, an employee at outsourcing firm TaskUs, secretly collected personal information from more than 10,000 Coinbase customers. According to court documents, Mishra took pictures of Coinbase customer data directly from company computers using her phone and agreed to sell the information to criminal networks.

The investigation claims she wasn’t working alone. Mishra and an accomplice allegedly organized a “hub-and-spoke conspiracy,” where disconnected groups of TaskUs employees unknowingly participated in the scheme without realizing others were involved. This setup allowed sensitive information to keep flowing out even if one participant was exposed.

What Data Was Taken

The compromised information included names, addresses, phone numbers, emails, partial Social Security numbers, masked bank account details, government ID images, and account data. A filing revealed that 69,461 people were affected.

Coinbase confirmed it refused to meet ransom demands from the criminals. Instead, the company is preparing to cover customer losses itself, estimating remediation costs in the range of $180 million to $400 million.

In a statement earlier this year, Coinbase told Reuters it had cut ties with the TaskUs personnel involved as well as other overseas agents. The exchange also introduced stricter internal controls to prevent similar incidents in the future.