Coinbase (COIN) got entangled in a third-party security breach in India, 6 people familiar with the matter told the media giant Reuters a few days ago. However, the $400 million security breach dates all the way back to January, 2025.
Sponsored
Amid the events, Coinbaseโs publicly-traded shares dropped around 5%, but rebound in the next few days without much hassle. On the contrary, Coinbase (BASE) inked 29.84% gains over the past 30 days, trading at $258.91 at the time of publication.
Coinbase Hack: What Happened In India?
According to the latest insights into the controversial Coinbase hack, the customer staff in India went rogue on TaskUs, a Texas-based business process outsourcing companyโs, behalf. Four witnesses from TaskUs claimed that Coinbase was immediately notified of the breach, resulting in sacking two Indian employees due to harsh violations of the job contract.
The four testimonies & confessions explain how a girl was caught on camera taking photos of sensitive work-related data. More interestingly, the Indian girl is a part of a vigilante teenager group, calling themselves โThe Commโ, an abbreviation for โCommunityโ.
The crew is well-organized, each of the members responsible for specific aspects of the digital heist. In this particular case, one member bribed the TaskUs employee, while others focused on social engineering.
One of the alleged hackers goes on Telegram by the nickname โPuffy Partyโ & takes huge pride in several exploits, including multiple Las Vegas casinos getting properly whipped by the hacker crew back in 2023.
Later on, Coinbase fired the whole 200 TaskUs crew in the city of Indore, cutting ties with the business outsourcing enterprise. Meanwhile, Coinbaseโs CEO Brian Armstrong confirmed his team to have sent multiple notifications to affected customers in April, 2025.
However, it took Coinbase until May 15, 2025 to acknowledge this to the U.S. Securities and Exchange Commission (SEC). According to Brian Armstrong, the developer team didnโt realize the extent of the breach until May 11, 2025. Naturally, that was the time when Coinbase received a wild ransom letter from the hackers in control of the data.
On The Flipside
- The Notification date of April 11, 2025 was followed by a quiet terms & conditions revision, limiting customerโs ability to participate in class-action lawsuits against Coinbase.
Why This Matters
Deciphering tactics & motives behind crypto security breaches of this magnitude is key in preventing customer such data leakages in the future.
Dig into DailyCoinโs popular crypto news:
Kraken Prime Goes Live: What Retail Crypto Traders Should Know
Cardi Bโs WAP Moist Again, Top On-Chain Detective Cries Foul
A Coinbase support contractor in India leaked customer data as part of a bribery scheme. Hackers used the info for phishing attacks, costing Coinbase millions.
Coinbase cut ties with the contractor, enhanced security, and is reimbursing affected users.
Yes, even though Coinbase stopped India operations in 2023, the breach further damaged its reputation there.
No, funds werenโt touchedโonly personal data was stolen and misused in scams.
No arrests have been reported yet, and Indian police haven’t commented.
