|
Getting your Trinity Audio player ready...
|
- Insider theft at TaskUs allegedly exposed 69,000 Coinbase users.
- TaskUs accused of covering up breach during Blackstone deal.
- Coinbase reimbursed victims and launched $20M bounty program.
Stay ahead with real-time updates and insights—Join our Telegram channel!
A newly unsealed court filing has shed light on a sweeping insider scheme behind the massive data breach that hit Coinbase earlier this year, exposing personal data from more than 69,000 users and causing an estimated $400 million in damages. The filing alleges that the breach originated inside TaskUs, a customer support firm hired by Coinbase, and accuses the company of covering up the extent of the incident.
Court documents reveal further details of the Coinbase data breach. Ashita Mishra, an employee at Coinbase's outsourced customer service company in India, stole sensitive customer information, including social security numbers and bank account details, starting in September 2024.…
— Wu Blockchain (@WuBlockchain) September 17, 2025
Insider Theft Allegedly Orchestrated From India
Investigators claim Ashita Mishra, an employee at TaskUs’s Indore office, began stealing sensitive customer data in September 2024. She allegedly used her phone to photograph up to 200 customer records daily, including names, emails, addresses, bank details, balances, and even Social Security numbers.
The stolen information was reportedly sold to hackers for $200 per image, who used it to impersonate Coinbase staff and defraud users. By the time Mishra was arrested in January 2025, her device allegedly contained data from over 10,000 customers. Prosecutors say she recruited supervisors and team leaders, turning the theft into a coordinated hub-and-spoke conspiracy tied to a hacker group known as “the Comm.”
TaskUs Accused of Cover-Up and Negligence
The complaint also targets TaskUs itself, accusing the company of negligence, fraud, and deliberately concealing the breach. Plaintiffs allege TaskUs fired 226 employees in Indore and dismantled its HR investigation unit to silence insiders. They further claim TaskUs hid the breach while pursuing a $1.6 billion acquisition by Blackstone, calling this a “pattern of concealment.”
Also Read: Coinbase XRP Cold Wallets Plunge 90%: Could a Supply Crunch Push Prices Higher?
Coinbase Responds With Customer Protections
Coinbase emphasized that less than 1% of its active users were affected and that it acted swiftly. The company reimbursed victims, offered free credit monitoring, and severed ties with TaskUs. It also launched a $20 million bounty program for information leading to arrests and convictions, framing the incident as one of the most alarming crypto-related scams of 2025.
The lawsuit marks the most detailed account yet of the breach, raising serious questions about vendor oversight in the crypto sector. As legal battles unfold, the case underscores how insider threats can undermine even the most well-resourced platforms.
Stay ahead with real-time updates and insights—Join our Telegram channel!
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.
I’m your translator between the financial Old World and the new frontier of crypto. After a career demystifying economics and markets, I enjoy elucidating crypto – from investment risks to earth-shaking potential. Let’s explore!
