The ongoing Coinbase data breach has taken a new turn, as an amended class-action lawsuit filed by Greenbaum Olbrantz places a TaskUs employee at the center of the alleged conspiracy. According to court documents filed Tuesday, the breach affected more than 69,000 Coinbase customers and exposed confidential personal and financial information.
Coinbase first disclosed the incident in May, confirming that it had reimbursed affected users, notified regulators, and severed ties with TaskUs, a third-party customer support provider. The exchange also announced strengthened internal security controls in response to the breach.
“Coinbase acted quickly to mitigate the impact, reimburse customers, and protect its platform,” the company said in a prior statement.
Bribery scheme within TaskUs
At the heart of the Coinbase data breach is Ashita Mishra, a former TaskUs employee accused of stealing confidential data between September and January. Mishra, alongside unnamed accomplices, allegedly sold sensitive customer records to hackers. These hackers then impersonated Coinbase staff to siphon crypto assets from unsuspecting victims.
The amended complaint describes Mishra’s role as part of a “hub-and-spoke conspiracy” designed to funnel Coinbase customer data from TaskUs systems to organized cybercriminals.
“Ms. Mishra was part of a sophisticated hub-and-spoke conspiracy that funneled Coinbase customer data from TaskUs computers to criminals at the center of the conspiracy,” — lawsuit statement citing a TaskUs investigator.
Hackers reportedly paid Mishra $200 for each stolen photo containing customer data. At times, she is alleged to have taken up to 200 photos a day, with her phone later discovered to contain information on more than 10,000 Coinbase customers.
The lawsuit claims Mishra and her team intentionally compartmentalized employees into isolated groups, preventing each circle from knowing others were involved. This structure, according to filings, allowed the exfiltration of highly sensitive personally identifiable information (PII) to continue undetected.
Allegations of TaskUs cover-up
Beyond employee misconduct, the lawsuit also accuses TaskUs of concealing the full extent of the incident. Court documents suggest that the company fired nearly 300 employees at its Indore, India office, citing its inability to identify all individuals tied to the conspiracy.
The amended complaint further alleges that TaskUs disbanded its HR team and terminated staff who were investigating the breach, a move plaintiffs describe as a “pattern of concealment.”
“Upon information and belief, TaskUs terminated those employees to conceal the true extent of its security failures,” — Amended lawsuit filing.
TaskUs also came under scrutiny for its February Form 10-K filing with the U.S. Securities and Exchange Commission (SEC). Despite the unfolding scandal, the filing claimed the company was “not aware of any material data breaches,” a statement now challenged by the plaintiffs as misleading to both regulators and investors.
Broader implications for crypto investors
Although Coinbase has stressed that no direct loss of customer funds occurred during the Coinbase data breach, cybersecurity experts warn that the exposure of sensitive information poses long-term risks.
“The real danger isn’t just immediate theft,” said Michael Bennett, cybersecurity researcher at Chainalysis, in an interview with Decrypt. “Identity theft, phishing attacks, and long-term fraud could follow users for years.”
Hackers tied to a group identifying as “the Comm” are suspected of orchestrating the campaign. With identity data now potentially in the hands of organized criminals, affected users remain vulnerable despite Coinbase’s reimbursements.
For crypto investors, the case underscores the risks of relying on third-party service providers for customer support and data handling. It also places pressure on exchanges like Coinbase to tighten oversight of contractors.
“Incidents like the Coinbase data breach reveal a systemic issue: outsourced vendors often hold the keys to customer data, yet may lack the rigorous security infrastructure expected of financial institutions,” — Sarah Johnson, senior analyst at CryptoPolicy Institute.
What comes next
The lawsuit against TaskUs continues to unfold, with plaintiffs seeking damages for affected customers and stronger accountability from both Coinbase and its vendors. Regulators may also revisit disclosure obligations for publicly listed companies, given TaskUs’s contested SEC filing.
For now, Coinbase insists its platform remains secure. Still, the Coinbase data breach serves as a stark reminder for both exchanges and investors: protecting sensitive data is just as critical as safeguarding funds on-chain.