Coinbase — overseas-contractor breach
Attackers bribed overseas Coinbase customer-support contractors to extract internal data on a subset of customers; Coinbase refused a $20M ransom and offered a counter-bounty.
- Target
- Coinbase — overseas-contractor breach
- Date public
- 15 May 2025
- Sector
- Financial Services
- Attack type
- Insider
- Threat actor
- External criminal group acting through bribed overseas customer-support contractors
- Severity
- High
- Region
- Global
In May 2025 Coinbase disclosed that overseas customer-support contractors had been bribed by criminals to extract internal customer data. The contractors worked for TaskUs, a business-process outsourcer Coinbase used to scale its support function, primarily in India. They had legitimate access to Coinbase's customer-support tooling as part of their day jobs — looking up account details, verifying identity, handling support tickets. Reporting indicates they were paid roughly $200 per record by the buyers. The scheme ran for around eight months before being detected. Around 69,000 customers were affected. Exposed data included names, addresses, dates of birth, masked Social Security numbers, masked bank-account numbers, government-ID images and account balances — but no passwords, two-factor codes, wallet seed phrases or actual funds. The attackers then demanded $20 million from Coinbase. Coinbase publicly refused, fired the implicated contractors, terminated relationships with the affected outsourcers, offered a parallel $20 million bounty for arrests, and notified affected customers individually. Estimated remediation costs reached $180–400 million. A former TaskUs employee, Ashita Mishra, was arrested in India in late 2025.
What happened
On 15 May 2025, Coinbase filed a Form 8-K with the SEC and published a public statement disclosing that a group of overseas customer-support contractors had been bribed by external criminals to extract internal data on a subset of high-net-worth Coinbase users. The contractors worked for TaskUs, a business-process outsourcer Coinbase used at scale, primarily out of India. The buyers paid the bribed agents around $200 per customer record.
Approximately 69,000 customers — close to 1% of Coinbase’s monthly transacting users — had personal data exfiltrated. Exposed fields included full name, mailing address, phone number, email, date of birth, masked Social Security numbers, masked bank-account numbers, government-ID images and account balances. Coinbase confirmed in its filing that no passwords, two-factor codes, wallet seed phrases or customer funds were accessed.
The attackers then issued a $20 million extortion demand, threatening public release of the data. Coinbase publicly refused on 15 May, fired the implicated contractors, terminated relationships with the affected outsourcers, and announced a parallel $20 million reward fund for information leading to the attackers’ arrest and conviction. Estimated remediation, reimbursement and customer-support costs were disclosed at $180–400 million in the same 8-K.
The forensic record subsequently established that bribery had begun no later than September 2024. A former TaskUs employee, Ashita Mishra, was identified as a participant and was terminated by TaskUs in early 2025; she was arrested in India in late 2025. Civil litigation against TaskUs and Coinbase by affected customers is ongoing.
How it worked
The attack did not bypass any of Coinbase’s technical controls. The bribed contractors used the access they were already entitled to as customer-support agents.
Customer-support agents at large financial-services platforms need elevated read access to customer records to do their jobs — looking up transaction history, verifying identity, handling disputes, resetting access, processing recovery requests. That access level is a functional requirement of the role. The agents in this case used exactly the tooling they were supposed to use, executed exactly the queries the tooling was designed to support, and exfiltrated the results manually — in some cases as screenshots later sold or passed onward to the external organisers.
The scaling problem of customer support is the structural condition the attack exploited. Coinbase, like nearly every consumer-facing financial-services platform at scale, had outsourced a meaningful proportion of its support function to BPO firms operating out of jurisdictions with significantly lower labour costs. That cost structure is what makes 24/7 multilingual support economically viable. The same cost structure means the support agents are paid amounts where a $200-per-record bribe represents a meaningful financial event. The cost of recruiting one bribed insider in such a setting is small enough to be replicated at scale — and was. Reporting on the case suggests multiple TaskUs employees, recruited by the same external organisers over months, all selling records into the same buyer network.
The detection failure was the slow recognition that bulk data extraction was occurring. A support agent answering one customer’s call queries that customer’s account; that’s normal operational behaviour. An agent — or a session using an agent’s credentials — that queries hundreds or thousands of unrelated customer records over weeks is exhibiting a pattern with no legitimate support use case. The forensic investigation eventually surfaced that pattern, but only after the bribery scheme had been running for around eight months.
Coinbase’s public response was a model for the breach-disclosure playbook. Public disclosure within four days of the 11 May extortion demand removed the attackers’ leverage. Refusal to pay avoided creating a payment precedent. The $20 million counter-bounty inverted the economics of the case: the same dollar amount the attackers were demanding, redirected to anyone willing to identify them. Whether the bounty contributed to the arrest of Ashita Mishra in India is not established; her termination followed internal escalation by TaskUs and Coinbase, and the arrest came months after the bounty was announced.
Timeline
- November 2022 onward — Coinbase materially expands overseas BPO support operations, including TaskUs facilities in India.
- September 2024 (or earlier) — Bribery of TaskUs customer-support agents by external criminals begins. Bulk data exfiltration starts.
- December 2024 — First specific incidents tied by later forensic work to the campaign occur in Coinbase’s logs.
- January 2025 — Ashita Mishra, a TaskUs employee, terminated after internal escalation by TaskUs and Coinbase; her arrest in India followed in late 2025 (see the December 2025 entry).
- 11 May 2025 — Attackers issue $20 million extortion demand to Coinbase.
- 15 May 2025 — Coinbase files SEC Form 8-K, publishes public statement, refuses to pay, announces $20 million counter-bounty. Affected customers begin receiving individual notifications.
- May–November 2025 — Class-action lawsuits filed against Coinbase and TaskUs. Estimated remediation costs disclosed at $180–400 million.
- December 2025 — Coinbase confirms the arrest of a former TaskUs agent in India. In the same month a second, unrelated insider incident involving a contractor affects around 30 customers.
- February 2026 — Coinbase discloses the December 2025 contractor incident, distinct from the TaskUs campaign.
What defenders should learn
The Coinbase case is the textbook example of a structural risk that is widely understood and almost never properly mitigated: customer-support tooling in scaled consumer financial-services platforms is a high-leverage attack surface that does not respond to perimeter, network or endpoint controls. The agents are inside; the access is legitimate; the queries are operationally normal in shape. The only defences are upstream of the agent — what the tooling allows them to query, in what volumes, with what audit — and downstream — what behavioural anomalies are detected when a session deviates from the legitimate-support distribution.
The first lesson is the obvious one: rate-limit and anomaly-detect bulk querying. A support session that queries one account at a time, with timing patterns consistent with a customer call, is operating normally. A session that queries hundreds of accounts in a short window, especially across unrelated customers, has no legitimate analogue in support work. The detection capability for this is not technically difficult. It requires acknowledging that customer-support tools are a data-extraction surface, not just a customer-resolution surface, and instrumenting accordingly.
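The bulk-querying signal described above (and in the "How it worked" section) comes down to two per-agent measurements over the support tool's audit log: how many distinct customers a session touches in a sliding window, and how many lookups are not tied to a ticket for the customer being queried. The following is an added example, not Coinbase's or TaskUs's detection code; the log format (`ts|agent|customer|ticket`), the ticket-ownership table, the thresholds and every sample line are constructed for illustration.

```python
"""Flag support-tool sessions that query customer records in bulk.

Added example; not Coinbase or TaskUs code. The audit-log format
(ts|agent|customer|ticket), the ticket-ownership table, the thresholds
and every sample line below are constructed for illustration.
"""
from __future__ import annotations

from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Constructed ticket-to-customer ownership. A lookup is "linked" when the
# agent cites a ticket that belongs to the customer being queried.
TICKET_OWNER = {
    "T-5001": "cust_1001", "T-5002": "cust_1002", "T-5003": "cust_1003",
    "T-6001": "cust_3000", "T-6002": "cust_3001",
}


@dataclass(frozen=True)
class Lookup:
    ts: datetime
    agent: str
    customer: str
    ticket: Optional[str]


def parse_line(line: str) -> Lookup:
    """Parse one constructed audit line: ISO-8601 ts|agent|customer|ticket."""
    ts, agent, customer, ticket = line.strip().split("|")
    return Lookup(datetime.fromisoformat(ts.replace("Z", "+00:00")),
                  agent, customer, ticket or None)


def constructed_log() -> list[str]:
    """Three agents: one normal, one bulk-scraping, one querying unrelated accounts."""
    lines = [
        "2024-12-03T09:00:05Z|agent_a|cust_1001|T-5001",
        "2024-12-03T09:06:40Z|agent_a|cust_1002|T-5002",
        "2024-12-03T09:14:12Z|agent_a|cust_1003|T-5003",
        "2024-12-03T09:21:50Z|agent_a|cust_1001|T-5001",
    ]
    start = datetime(2024, 12, 3, 9, 0, 0, tzinfo=timezone.utc)
    # agent_b: 40 distinct customers in under 30 minutes, no ticket cited.
    for i in range(40):
        ts = (start + timedelta(seconds=45 * i)).strftime("%Y-%m-%dT%H:%M:%SZ")
        lines.append(f"{ts}|agent_b|cust_{2000 + i}|")
    # agent_c: call-centre pace (one lookup per 8 min) but cites a ticket
    # belonging to a different customer on 6 of 8 lookups.
    tickets = ["T-6001", "T-6002"] + ["T-6001"] * 6
    for i, t in enumerate(tickets):
        ts = (start + timedelta(minutes=8 * i)).strftime("%Y-%m-%dT%H:%M:%SZ")
        lines.append(f"{ts}|agent_c|cust_{3000 + i}|{t}")
    return lines


def find_bulk_sessions(lookups, window=timedelta(minutes=60),
                       max_distinct=25, max_unlinked_ratio=0.5) -> dict[str, dict]:
    """Per agent: peak distinct customers in any sliding window, and the share
    of lookups not linked to a ticket for that customer. Either signal flags."""
    by_agent: dict[str, list[Lookup]] = defaultdict(list)
    for lk in sorted(lookups, key=lambda x: x.ts):
        by_agent[lk.agent].append(lk)
    flagged: dict[str, dict] = {}
    for agent, events in by_agent.items():
        recent: deque[Lookup] = deque()
        peak, unlinked = 0, 0
        for ev in events:
            recent.append(ev)
            while ev.ts - recent[0].ts > window:   # slide the window forward
                recent.popleft()
            peak = max(peak, len({e.customer for e in recent}))
            if TICKET_OWNER.get(ev.ticket) != ev.customer:
                unlinked += 1
        ratio = round(unlinked / len(events), 2)
        if peak > max_distinct or ratio > max_unlinked_ratio:
            flagged[agent] = {"peak_distinct_customers": peak,
                              "unlinked_ratio": ratio,
                              "lookups": len(events)}
    return flagged


def run() -> dict[str, dict]:
    """Parse the constructed log and return the flagged agents."""
    return find_bulk_sessions(parse_line(l) for l in constructed_log())


if __name__ == "__main__":
    for agent, stats in run().items():
        print(f"FLAG {agent}: {stats}")
```

Both signals matter: agent_b trips the volume threshold, while agent_c stays at a plausible call-centre pace and would pass a pure rate limit, yet is flagged because most of its lookups cite a ticket for someone else. In a real deployment the ticket linkage would come from the case-management system rather than a static table, and the thresholds would be set from the observed distribution of legitimate sessions.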
The second is to remove unnecessary fields from the support tier’s view by default. A support agent handling a billing question does not need to see masked Social Security numbers, government-ID images or account balances on the standard query screen. Tiered access — where the most sensitive customer fields are gated behind a separate authorisation step that is logged, reviewed and trended — sharply reduces the scope of what a single bribed agent can extract per session and forces a more visible authorisation pattern when the limit is approached.
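A minimal form of the tiering described above, as an added example and not Coinbase's support tooling: the default query screen carries only the fields a tier needs, the sensitive fields can only be revealed through a step-up that must cite the customer's own ticket and a reason, every attempt is written to an audit trail, and a per-session cap turns the fourth reveal into a blocked-and-alerted event. The record layout, tier names, ticket-ownership table and cap value are assumptions.

```python
"""Tiered field access for a support lookup screen.

Added example; not Coinbase's support tooling. The record layout, the
tier names, the step-up cap and the audit sink are assumptions.
"""
from __future__ import annotations

from dataclasses import dataclass, field

# Constructed customer record as a support backend might return it.
RECORD = {
    "customer_id": "cust_1001",
    "name": "A. Example",
    "email": "a.example@example.invalid",
    "phone": "+1 555 0100",
    "address": "1 Example St",
    "ssn_last4": "1234",
    "bank_last4": "9876",
    "id_image_ref": "kyc/cust_1001/passport.jpg",
    "balance_usd": 250_000.00,
}

# Fields shown on the default screen per tier. Nothing sensitive appears by default.
DEFAULT_FIELDS = {
    "billing": {"customer_id", "name", "email"},
    "verification": {"customer_id", "name", "email", "phone", "address"},
}
# Fields that always need an explicit, logged step-up, whatever the tier.
STEP_UP_FIELDS = {"ssn_last4", "bank_last4", "id_image_ref", "balance_usd"}
STEP_UP_CAP = 3  # per session; the next request is blocked and alerted

# Constructed ticket ownership, used to tie a reveal to the customer's own case.
TICKET_OWNER = {"T-5001": "cust_1001", "T-5002": "cust_1002"}


class StepUpDenied(Exception):
    pass


@dataclass
class Session:
    agent: str
    tier: str
    step_ups: int = 0
    audit: list[dict] = field(default_factory=list)


def default_view(session: Session, record: dict) -> dict:
    """The standard query screen: only the tier's default fields."""
    return {k: v for k, v in record.items() if k in DEFAULT_FIELDS[session.tier]}


def reveal(session: Session, record: dict, field_name: str,
           ticket: str, justification: str) -> str:
    """Step-up reveal of one sensitive field. Every attempt, allowed or not,
    lands in the session audit so volumes can be trended per agent."""
    if field_name not in STEP_UP_FIELDS:
        raise ValueError(f"{field_name} is not a step-up field")
    event = {"agent": session.agent, "customer": record["customer_id"],
             "field": field_name, "ticket": ticket, "justification": justification}
    # The cited ticket must belong to this customer, and a reason is mandatory.
    if TICKET_OWNER.get(ticket) != record["customer_id"] or not justification:
        session.audit.append({**event, "event": "step_up_denied"})
        raise StepUpDenied("reveal must cite this customer's ticket and a reason")
    if session.step_ups >= STEP_UP_CAP:
        session.audit.append({**event, "event": "step_up_blocked"})
        raise StepUpDenied(f"session step-up cap of {STEP_UP_CAP} reached; alert raised")
    session.step_ups += 1
    session.audit.append({**event, "event": "step_up"})
    return str(record[field_name])


def demo() -> Session:
    """Walk a billing-tier session up to and past the cap; returns the session
    with its audit trail (three reveals, then one blocked event)."""
    s = Session("agent_a", "billing")
    for f in ("bank_last4", "balance_usd", "ssn_last4", "id_image_ref"):
        try:
            reveal(s, RECORD, f, "T-5001", "customer disputes wire of 2024-12-01")
        except StepUpDenied as e:
            print(f"{f}: {e}")
    return s


if __name__ == "__main__":
    print(default_view(Session("agent_a", "billing"), RECORD))
    for entry in demo().audit:
        print(entry)
```

The point of the cap is not that three is the right number; it is that the sensitive fields become a metered, attributable action rather than a column on every screen, so the eight-months-of-screenshots pattern would surface as an agent whose step-up count sits far outside the population's distribution.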
The third is structural. The cost economics of overseas BPO support are real and the model is not going away. But the cost economics of bribing a single overseas agent are also real, and the gap between an agent’s monthly salary and a buyer’s $200-per-record payment is the variable that determines how easily this scheme replicates. Compensation, hiring, monitoring, rotation and screening for the support-tier population should be designed with that gap in mind. The contracts with BPO partners should include explicit obligations on insider-threat detection and audit, with penalties large enough to make insider negligence material to the BPO firm’s economics.
The Coinbase response — fast disclosure, refusal to pay, counter-bounty, contract termination — is the model. The Coinbase architecture that allowed eight months of bulk extraction before detection is the lesson.
Controls that would have helped
Defender controls catalogued in the Controls Desk that would have changed the outcome of this incident, or limited its blast radius. Sourced from regulator and framework guidance, never vendors. One caveat for this case: the bribed agents authenticated as themselves and used the access their role granted, so identity-layer controls alone would not have stopped the extraction. They close off the adjacent path of an outsider reusing a support agent's credentials; the insider path itself needs the query-volume monitoring and field tiering discussed above.
- Phishing-resistant MFA on every privileged account: hardware keys or platform authenticators on admin, cloud-root, HR-system, CRM and customer-data accounts. SMS one-time codes do not count as MFA against a serious adversary.
- Disable legacy authentication on cloud tenants: basic auth and other legacy authentication protocols bypass MFA. The configuration is a tenant-level switch and the standards bodies have wanted it flipped for years.
Sources
- Coinbase 8-K filing — May 2025 // primary
- Coinbase blog — protecting our customers, standing up to extortionists // primary
- Bloomberg — Coinbase says former agent arrested in India after exchange hack // reporting
- Fortune — Inside the $400 million Coinbase breach: an Indian call centre and teenage hackers // reporting
- Infosecurity Magazine — TaskUs employees behind Coinbase breach, US court filing alleges // reporting
- BleepingComputer — Coinbase confirms insider breach linked to leaked support tool screenshots // reporting