In September 2025, court filings revealed detailed information about a significant data breach at Coinbase, the largest U.S.-based cryptocurrency exchange, which affected over 69,000 customers and led to estimated losses of up to $400 million.
The breach, which began in September 2024, involved an employee at TaskUs, a Texas-based outsourcing firm providing customer support services for Coinbase, named Ashita Mishra.
Based in Indore, India, Mishra allegedly stole sensitive customer data, including Social Security numbers, bank account details, government-issued IDs, names, addresses, emails, and account balances, by photographing up to 200 customer records daily.
She sold these images to hackers for approximately $200 each, amassing data on over 10,000 customers on her personal device by the time of her arrest in January 2025.
Register for Tekedia Mini-MBA edition 19 (Feb 9 – May 2, 2026): big discounts for early bird.
Tekedia AI in Business Masterclass opens registrations.
Join Tekedia Capital Syndicate and co-invest in great global startups.
Register for Tekedia AI Lab: From Technical Design to Deployment (next edition begins Jan 24 2026).
The breach was part of a broader conspiracy described as a “hub-and-spoke” network, where Mishra and accomplices, including team leaders and operations managers at TaskUs, were recruited by a hacker group known as “the Comm,” reportedly composed of young English-speaking criminals.
These hackers used the stolen data to impersonate Coinbase support staff, executing social engineering scams that tricked users into transferring cryptocurrency to fraudulent wallets, with some victims losing their entire life savings or retirement funds.
Coinbase detected suspicious activity in the months leading up to May 11, 2025, when an unknown threat actor emailed the company demanding a $20 million ransom in bitcoin to not disclose the stolen data.
Coinbase refused to pay, instead notifying affected users and regulators by May 30, 2025, terminating its relationship with TaskUs, and firing the involved employees. The company also implemented stricter insider controls, tightened remote-work policies, and offered a $20 million bounty for information leading to the arrest and conviction of the perpetrators.
Affected customers were reimbursed, and Coinbase provided one year of free credit monitoring and identity restoration through IDX, including a $1 million insurance policy.
The lawsuit filed in the Southern District of New York alleges that TaskUs attempted to conceal the breach by firing 226 employees in Indore in January 2025 and dismissing its HR team investigating the incident, accusing the firm of failing to implement adequate security measures like encryption or multi-factor authentication.
TaskUs disputes claims of systemic issues, asserting that only two employees were involved and that it promptly reported the breach to Coinbase. The incident has raised concerns about the risks of outsourcing customer support, with Coinbase facing reputational fallout and ongoing lawsuits, though the company is pushing for arbitration to mitigate financial and publicity damages.
For customers, the risk of identity theft and financial fraud persists, as stolen data may circulate on the dark web. Coinbase advises enabling two-factor authentication preferably hardware-based, using withdrawal allow-listing, and being cautious of unsolicited calls or emails requesting fund transfers.
The breach erodes trust in Coinbase as a secure platform, potentially driving customers to competitors like Binance or Kraken. Public perception of Coinbase’s handling of the incident—refusing the $20 million ransom and delaying disclosure—may further damage its brand.
Reimbursing affected customers and offering $20 million in bounties, alongside legal costs from ongoing lawsuits, strains Coinbase’s finances. Potential regulatory fines from bodies like the SEC or CFTC for inadequate data protection could add further pressure.
Lawsuits in the Southern District of New York, with plaintiffs resisting arbitration, could lead to significant settlements or judgments if Coinbase is found liable for negligence in overseeing its outsourcing partner.
The exposure of Social Security numbers, bank details, and government IDs increases the likelihood of long-term identity theft, fraud, or phishing attacks. Stolen data circulating on the dark web may lead to further exploitation, despite Coinbase’s offer of credit monitoring and $1 million insurance through IDX.
For the Crypto Industry
The breach highlights vulnerabilities in outsourcing customer support, likely prompting regulators to impose stricter data protection and cybersecurity standards across the crypto sector. This could raise compliance costs for exchanges.
Other exchanges may reassess their reliance on third-party vendors like TaskUs, potentially shifting to in-house support or more secure outsourcing models with robust encryption and multi-factor authentication.
High-profile breaches can shake investor confidence, potentially leading to short-term declines in cryptocurrency prices or reduced trading volumes as users withdraw funds to self-custody wallets.
TaskUs faces allegations of inadequate security and attempting to cover up the breach by firing employees. This could lead to lost contracts, legal liabilities, and difficulty attracting new clients.
The breach underscores the human element as a critical vulnerability, even in organizations with strong technical defenses. Companies across industries may invest more in employee monitoring, training, and access controls.
The success of “the Comm” in exploiting stolen data via impersonation scams highlights the growing sophistication of social engineering, pushing firms to educate users on recognizing fraudulent communications.
The scale of the breach may spur calls for stronger consumer protections in the crypto space, including mandatory breach disclosures, standardized security protocols, or government-backed insurance for digital assets.
With perpetrators operating across jurisdictions (e.g., India-based employees and English-speaking hackers), international cooperation on cybercrime investigations will be critical, potentially leading to new frameworks for cross-border enforcement.
Coinbase’s response—reimbursements, bounties, and enhanced controls—may mitigate some damage, but the incident underscores the ongoing challenges of securing digital assets in a rapidly evolving threat landscape.
After loosing $400k to binary crypto investment scam. I thought I’d never recover my money back, until i met a testimony of Mrs. Mariah online talking about RECOVERY SCAM CRYPTO who helped her recover her funds back. I decided to give it a try and contacted them on. RECOVERY SCAM CRYPTO @ Gma??l .Com / luckily for me as i speak to you all, my funds has been recovered and was delivered to me within 24 hours.
I thought I’d lost everything when I invested 450,000 dollars in a cryptocurrency project that turned out to be a Ponzi scheme. I felt devastated, foolish, and helpless. But then I remembered that there’s always hope. I reached out to (GLOBALLY RECLAIM {aT} GMAIL COM ) and their expert team sprang into action. With their help, I was able to recover 95% of my lost investment. I breathed a sigh of relief, grateful for a second chance. I realized that even in the darkest moments, there’s always a way forward. If I can recover from this, so can you. Don’t give up if you’re facing a similar situation. Reach out to GLOBALLY RECLAIM for guidance and support. Remember, you’re not alone, and there’s always hope for recovery.
Some lady contacted me on IG and got me to trade with this company. Constantly convincing me for one reason to the other to keep increasing my deposits. Long story short, I lost about $88,000 I’ve never been so disappointed in my life, trusted them only to be deceived like this. Just another one of those shady companies that have nothing to offer. Wish I had read some comments in forums earlier, wouldn’t have dealt with them. Glad I found a reliable expert at Henry Walter in some forums who helped me get back everything I lost. If you’re also a victim of these guys or lost your money to similar companies, write me and I’ll refer you to the Recovery Experts. I’ll make sure you get back everything you lost Email: davidmoore9951 (at) GM AIL , C 0M