Coinbase aware of recently disclosed data leak since January: Reuters

Coinbase was aware of a significant customer data breach as early as January 2025 but only publicly disclosed it in May 2025 through a filing with the Securities and Exchange Commission (SEC).

The breach involved an India-based employee of the outsourcing company TaskUs, who was caught taking photos of customer data on her work computer and allegedly supplying this information to hackers in exchange for bribes.

Coinbase was notified immediately after the incident was discovered and took action by firing the compromised employees and referring them to law enforcement.

The breach affected nearly 70,000 Coinbase customers and is estimated to potentially cost the company up to $400 million. Over 200 TaskUs employees were dismissed in a mass layoff following the incident.

The stolen data included sensitive personal information such as names, addresses, phone numbers, government ID images, masked Social Security numbers, account balances, and transaction histories, but did not include login credentials, private keys, or access to customer funds.

Coinbase received an extortion demand for $20 million from the hackers attempting to cover up the breach but refused to pay and instead set up a $20 million reward fund for information leading to the arrest and conviction of the perpetrators.

The company has been cooperating with U.S. and international law enforcement agencies in the investigation.

Coinbase had prior knowledge of the data breach months before going public, took internal measures to address the issue, and publicly disclosed the breach only after receiving an extortion demand.

It's me, @justmythoughts, an ordinary Hive user looking to make the most of the platform. I will appreciate your support. Follow me for more. Thanks, Gracias :)