Record Coinbase Data Breach from TaskUs Insider Collusion
The Coinbase data breach affected 69,461 users after TaskUs support staff in India colluded with cybercriminals.
Between September 2024 and January 2025, insiders exfiltrated up to 200 customer records daily, photographing names, addresses, bank details and transaction logs. They sold each screenshot for $200.
In total, the leak compromised sensitive data on over 69,000 users, with estimated losses of $400 million. Coinbase data breach fallout prompted the exchange to sever ties with TaskUs, reimburse victims and offer complimentary credit monitoring for one year. The platform also launched a $20 million bounty for leads to the hackers.
TaskUs responded by firing 226 staff and halting its HR investigation amid Blackstone’s $1.6 billion acquisition. A revised class-action lawsuit in the US District Court for the Southern District of New York accuses TaskUs of systemic oversight failures, delayed disclosure and internal suppression of probes. The breach underscores the growing security risks of crypto outsourcing and may spur heightened regulatory scrutiny and market volatility.
Neutral
The Coinbase data breach poses reputational risks for the exchange, potentially leading to short-term volatility in trading volumes on its platform. However, it does not directly impact the underlying supply-demand dynamics of major cryptocurrencies. As no specific token is compromised and Coinbase’s core trading infrastructure remains intact, the broader crypto market is unlikely to see sustained price moves from this incident, resulting in a neutral outlook.