A major data breach at cryptocurrency exchange Coinbase, potentially costing the company up to $400 million, has been linked to the actions of bribed customer service workers in India. The breach, which affected over 69,000 customers, represents the largest security failure in Coinbase's history. Investigations reveal a network of young, English-speaking hackers induced employees of TaskUs, a U.S.-based company with a significant presence in India that provides customer service support to major tech firms, to leak sensitive user data.

TaskUs agents in Indore had been handling support for Coinbase since 2017. The breach was reportedly detected in December 2024, and in January 2025, TaskUs laid off over 200 Indian staff working for Coinbase. The low salaries, typically between $500 and $700 a month, made some workers susceptible to bribery, as they were persuaded to hand over confidential customer records in exchange for payments. Coinbase has confirmed it has severed ties with the involved individuals and other overseas agents.

The stolen data, while not sufficient to directly access Coinbase's crypto vaults, was used to impersonate Coinbase staff. The criminals then employed social engineering tactics to trick customers into divulging their crypto assets. Although Coinbase has not disclosed the total amount lost by customers, the company has stated it is reimbursing affected users.

In response to the breach, a class-action lawsuit has been filed in New York, accusing TaskUs of negligence. TaskUs maintains that the claims are without merit and is reinforcing its security protocols. The company suggests that two agents were part of a larger scheme that targeted multiple service providers connected to Coinbase.

Following the discovery of the breach, Coinbase took several steps to mitigate the damage and prevent future incidents. These measures include refusing to pay a $20 million ransom demanded by the hackers and instead offering a $20 million reward for information leading to their capture and conviction. The company is also tracing the stolen funds and flagging accounts making large withdrawals.

This incident has highlighted the vulnerabilities associated with outsourcing customer service operations, particularly when dealing with sensitive financial data. The lower wages paid to overseas employees can create an incentive for them to compromise security in exchange for bribes. The Coinbase breach serves as a reminder of the importance of robust security measures and thorough vetting of employees, especially in industries that handle valuable assets like cryptocurrency.