1 day ago
26
Reuters reports that Coinbase was made aware in January that an employee of an outsourcing company could have leaked its customer data, months before its recent public disclosure.
Coinbase was reportedly told in January that its customer data could have been leaked by an employee of an outsourcing company, months before it publicly disclosed the incident last month.
Part of the breach, which Coinbase publicly disclosed in a May 14 regulatory filing, happened when an India-based employee of the outsourcing firm TaskUs was caught taking pictures of her work computer with her personal phone, Reuters reported on June 3 citing five former TaskUs employees.
The former employees said they were told that the employee and a suspected accomplice allegedly gave Coinbase customer information to hackers for money. Coinbase was reportedly immediately notified of the incident.
TaskUs is an American business process outsourcing company operating in India and was alleged in a lawsuit filed in Manhattan on May 27 to have handled Coinbase’s customer support.
More than 200 TaskUs employees were fired in a mass layoff in January that drew protests and Indian media attention at the time. However, just two specific employees were identified as the main culprits behind the breach, which impacted almost 70,000 customers.
Screenshot from lawsuit against TaskUs. Source: PacerMonitor
Related: Coinbase hit with wave of lawsuits over customer data breaches
Coinbase told the outlet that it had “cut ties with the TaskUs personnel involved and other overseas agents, and tightened controls.”
Coinbase rejected a $20 million ransom demand after hackers leaked user data in mid-May, prompting the firm to go public.
Related: US government urges court to reject Coinbase user’s crypto records fight
Coinbase did not immediately respond to a request for comment.
TaskUs past accused of crypto data breach
TaskUs was accused of a crypto-related data breach in 2022, when Shopify and the firm were sued over alleged failures to protect customer data stemming from a breach of crypto wallet maker Ledger’s servers two years prior.
The lawsuit claimed that Shopify and TaskUs were aware of the data breach for over a week before notifying customers.
Ledger customers remain the victims of scams and phishing attacks following the hack and leak of hundreds of thousands of hardware wallet owners’ personal data.
Magazine: Bitcoin $200K ‘obvious’ breakout, GameStop’s first BTC buy: Hodler’s Digest
English (US) ·