Coinbase was informed of a customer data leak at its outsourcing partner, Taskus, some four months before a significant breach that is expected to cost the company $400 million.
Report: Coinbase Knew of Data Leak Months Before $400M Breach
WRITTEN BY
SHARE
Breach Causes 200 Employees to Lose Jobs?
U.S. cryptocurrency exchange Coinbase was made aware of a customer data leak at one of its outsourcing companies four months before a breach that is set to cost it $400 million, a Reuters report citing six sources has said. In one incident, an employee of the outsourcing company Taskus was caught taking photos of her work computer, and a report was made to Coinbase.
According to five anonymous former employees quoted in the report, the unnamed female employee and an accomplice are believed to have passed on customer information to hackers in return for bribes. An investigation into the incident, which happened in the city of Indore, was launched. Shortly afterward, 200 Taskus employees were abruptly terminated, prompting allegations of unfair dismissal by the affected employees.
However, despite this incident, Coinbase only publicly acknowledged the breach in May after hackers in possession of sensitive user data attempted to extort $20 million from the exchange. As reported by Bitcoin.com News and other outlets, Coinbase publicly acknowledged the breach May 15. It claimed then that attackers only targeted internal customer support systems and accessed personal information belonging to fewer than 1% of monthly transacting users.
Coinbase’s confirmation of the breach came against the background of rising incidents in which wealthy crypto holders are being targeted by armed criminals. As some kidnapping incidents have demonstrated, criminals behind these abductions often seem to possess detailed information on users, including the size of their holdings. Some observers believe the cost of this breach significantly exceeds the monetary value.
Although it became aware that contractors had illegally obtained user “data in previous months” Coinbase only took action after the bribery attempt. The exchange added that it has also “cut ties with the TaskUs personnel involved and other overseas agents, and tightened controls.” For its part, Taskus said the two employees were let go in January.
