Daijiworld Media Network – New York

New York, Jun 1: Cryptocurrency giant Coinbase has suffered its largest-ever data breach, exposing sensitive information of over 69,000 customers and potentially costing the firm up to $400 million. As per a Fortune report, the breach occurred after hackers bribed Indian customer service agents to leak confidential records.

The hackers reportedly targeted TaskUs, a US-based outsourcing firm with a strong presence in Indore, India, where agents had been handling Coinbase customer support since 2017. In January, TaskUs laid off over 200 Indian staffers working on the Coinbase account—weeks after the data theft was uncovered.

With monthly salaries ranging from $500 to $700, some agents were allegedly lured by bribes. Coinbase has since severed ties with the involved personnel. “That’s the weakest point in the chain,” said Sergio Garcia, founder of crypto investigations firm Tracelon.

While the breach didn’t directly compromise Coinbase’s crypto vaults, hackers used stolen information to impersonate staff and scam customers into revealing their crypto credentials. Coinbase has promised to reimburse affected users but has not disclosed the exact number of victims.

A class-action lawsuit has been filed in New York accusing TaskUs of negligence. The company, denying wrongdoing, said it has boosted its security systems and suspects a broader scheme involving attacks on several Coinbase-linked vendors.

The hackers are believed to belong to a group called “the Comm” or “Community,” comprising English-speaking young cybercriminals who coordinate on Telegram and Discord. Their roles ranged from bribing agents to carrying out phishing scams, according to a source within the group.