The post 69,000 Victims, $200 per Photo: India Employee Tied to Coinbase Data Leak appeared first on Coinpedia Fintech News
Newly unsealed court filings and state records reveal details about a massive data breach at Coinbase, one of the world’s largest cryptocurrency exchanges. The incident, traced to an employee of Coinbase’s customer service contractor TaskUs, exposed sensitive data of more than 69,000 customers and led to losses estimated as high as $400 million.
According to the filings, TaskUs employee Ashita Mishra stole Coinbase user data starting in December 2024. Using her personal phone, she allegedly photographed Social Security numbers, bank account details, and government IDs from Coinbase accounts. She then sold these images to hackers for $200 each.
Hackers used the stolen information to impersonate Coinbase staff in calls and emails, tricking users into transferring funds. Some customers lost their entire retirement savings, the documents say.
The breach was discovered on May 11, 2025, but Coinbase did not notify affected users until May 30, 2025. By then, attackers had already drained many accounts.
Coinbase confirmed the scope of the incident in a Data Breach Notification filed with Maine regulators:
The filing was submitted by Michael Rubin, an attorney at Latham & Watkins LLP, acting as outside counsel for Coinbase.
The lawsuit claims TaskUs learned of the misconduct in January 2025 but sought to contain the damage by firing more than 300 employees and dissolving its internal investigation team instead of disclosing the breach. Plaintiffs accuse TaskUs of negligence, fraud, and breach of contract.
While TaskUs initially downplayed the breach as the work of “two individuals,” investigators allege the scheme involved a wider network of employees and supervisors.
Coinbase has cut ties with the implicated TaskUs staff and said that “rogue overseas support agents” were to blame. The exchange has offered free identity protection services to all affected customers and pledged to tighten internal controls.
Still, victims remain at risk. The lawsuit also said that fraud attempts continue, and some customers fear physical harm now that home addresses and bank details have been exposed.
Stay ahead with breaking news, expert analysis, and real-time updates on the latest trends in Bitcoin, altcoins, DeFi, NFTs, and more.
