Coinbase Faces $400 Million Fallout from Customer Data Leak Linked to Outsourcing Firm in India

According to six sources familiar with the issue, cryptocurrency exchange Coinbase was aware as early as January regarding a customer data breach at an outsourcing firm linked to a larger incident that could amount to losses of up to $400 million (approximately Rs. 3,420 crore), as reported by Reuters.

A specific aspect of the breach, which was publicly reported in a Securities and Exchange Commission (SEC) submission on May 14, occurred when an employee from the US outsourcing company TaskUs, based in India, was found taking pictures of her work computer using her personal smartphone, as mentioned by five former employees of TaskUs.

Three of these former employees, along with an insider, indicated that Coinbase was informed right away.

The former employees reported that company investigators or associates who witnessed the event in Indore, India, briefed them on the issue. They noted that the employee and an alleged accomplice were purportedly passing on Coinbase customer data to hackers in exchange for payments.

According to the former employees and the source familiar with the situation, over 200 employees of TaskUs were subsequently laid off in a mass termination that attracted media coverage in India.

Previously, Coinbase attributed the breach to «support agents overseas», predicting potential costs of up to $400 million (around Rs. 3,420 crore).

While the connection between TaskUs and the breach was mentioned in a lawsuit filed in a Manhattan federal court last week, the newly revealed details bring into question when Coinbase first became aware of the breach.

In the SEC filing from May, Coinbase stated that it had been aware that contractors accessed employee data «without a legitimate business purpose» in «previous months.» It was not until May 11, when it received a demand for extortion, that the company realized the extent of the situation.

In a statement issued to Reuters on Wednesday, Coinbase acknowledged the recent discovery of the incident and mentioned that it had «terminated relationships with the TaskUs personnel involved as well as other overseas agents and strengthened its oversight.»

Coinbase did not reveal the identities of the other foreign agents.

TaskUs confirmed in a statement that two employees were dismissed earlier this year for illegally accessing information from a client, which they did not disclose.

«We promptly reported this occurrence to the client,» the statement noted. «We suspect that these two individuals were part of a larger, coordinated criminal scheme against this client, which also affected several other service providers for this client.»

The source acquainted with the matter verified that Coinbase was indeed the client and that the incident transpired in January.

Reuters could not ascertain if any arrests had been made. The police department in Indore did not respond to requests for commentary.

© Thomson Reuters 2025

(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)