A report shows that the recent Coinbase customers’ data breach came from an internal leak from an outsourcing firm in India.
Coinbase, the largest US crypto exchange, has faced a string of scam-related activities lately. For perspective, in its May filing with the US Securities and Exchange Commission (SEC), the firm reported that fraudsters had contacted it and demanded funds to prevent the release of sensitive customer information online.
Meanwhile, a recent Reuters report claimed that the “support agents overseas” that Coinbase blamed for the hack were employees from TaskUs, a US outsourcing firm serving the prominent exchange.
Employer Caught Illegally Accessing Data
The June 2 Reuters report, citing people familiar with the matter, revealed that a female employee was caught filming sensitive information from an official computer using her personal phone. Up to five former TaskUs employees confirmed witnessing the event in TaskUs’ outlet in Indore, India.
Meanwhile, the report linked the employee filming with Coinbase’s recent extortion attempt, claiming she and her accomplices were part of the internal crew that fed customer data to these fraudsters. Remarkably, the discovery led to Coinbase laying off over 200 TaskUs staff.
Moreover, TaskUs also confirmed that such an event occurred, but did not specifically mention Coinbase. It noted that it had relieved two staff members from duty earlier in the year for accessing information about a client without proper authorization.
Furthermore, the outsourcing company suggested that “a much broader, coordinated criminal campaign” against its client had hired these employees to feed sensitive data to them for social engineering scams.
Pretty Much Explains the Fraud Reports
Interestingly, Coinbase has been the target of several social engineering attacks lately. Blockchain sleuth ZachXBT identified the persistent menace in a May report, claiming that the exchange’s clients lost $330 million annually to the scams.
Meanwhile, Coinbase has disclosed it would not pay the $20 million that the fraudsters demanded. Instead, it stated that it would work closely with law enforcement agencies and offered a $20 million bounty for information that would lead to the arrest of these individuals.
Coinbase disclosed that it would cost the firm $400 million to fix the data breach issue. Meanwhile, the US Department of Justice is also investigating the issue for a possible
The prominent US exchange recently joined the S&P 500, becoming the first crypto firm to be included in the index fund, which tracks the largest public companies in the US by market capitalization.
DisClamier: This content is informational and should not be considered financial advice. The views expressed in this article may include the author's personal opinions and do not reflect The Crypto Basic opinion. Readers are encouraged to do thorough research before making any investment decisions. The Crypto Basic is not responsible for any financial losses.
