TechFlow news, June 3 — According to Reuters, Coinbase's recent customer data breach was partly linked to misconduct by employees at its outsourcing partner TaskUs in India. A TaskUs employee based in Indore, India, reportedly used a personal phone to photograph customer data from their work computer and sold the information to hackers in exchange for bribes, allegedly with the help of an accomplice.
Sources said the misconduct was first detected in January. TaskUs subsequently fired over 200 employees. In a filing submitted to the U.S. Securities and Exchange Commission (SEC) in May, Coinbase stated it had previously identified unauthorized access to user data by outsourced support staff but only realized the incident was part of a broader attack after receiving a ransom demand on May 11.
Coinbase has now terminated its engagement with the involved TaskUs personnel and other overseas agents, while strengthening its internal controls. TaskUs said the incident is tied to a larger criminal operation affecting multiple vendors serving Coinbase.




