A major data breach at Coinbase has been linked to an incident involving an employee of TaskUs. As a result of the breach, nearly 70,000 customers were affected.
Data Breach Incident
According to a Reuters report, the incident occurred in January when a female employee at TaskUs took pictures of sensitive Coinbase customer data from her work computer using her mobile phone. Five former TaskUs employees reported that the worker, along with a suspected accomplice, allegedly sold the data to hackers for money.
Coinbase's Response After the Breach
Coinbase was notified immediately after the breach occurred, but it was not until May 14 that the company formally disclosed the incident, stating that nearly 70,000 customers were affected. The leaked data later formed part of a $20 million ransom demand issued by hackers. Coinbase reportedly refused to comply, leading the attackers to leak portions of the stolen data in mid-May.
Impact on Industry and Data Security
TaskUs, which was handling Coinbase’s customer support at the time, was mentioned in a lawsuit filed on May 27 in Manhattan, claiming that it failed to adequately protect customer data. The breach raises concerns about data security in the cryptocurrency customer support outsourcing sector.
The data breach incident at Coinbase and its subsequent developments raise significant questions about data security in outsourcing firms operating in the cryptocurrency sector. Coinbase stated it has cut ties with the personnel involved and tightened controls.
