Business Sandesh Indian Newspaper | Articles | Opinion Pieces | Research Studies | Findings & News | Sandesh News
Hyderabad Police in India have arrested a former Coinbase customer service agent in connection with a major data breach disclosed by the U.S. cryptocurrency exchange in May 2025, Coinbase CEO Brian Armstrong announced on December 26.
The incident involved cybercriminals bribing overseas support staff—likely contractors via outsourcing firm TaskUs—to access sensitive customer data, including names, addresses, emails, phone numbers, and government IDs for approximately 69,461 users. Attackers demanded a $20 million ransom, which Coinbase refused, instead offering a matching bounty for leads. No customer funds or private keys were compromised.
Armstrong praised the Hyderabad Police on X, stating: “We have zero tolerance for bad behavior and will continue to work with law enforcement to bring bad actors to justice. Thanks to the Hyderabad Police in India, an ex-Coinbase customer service agent was just arrested. Another one down and more still to come.”
The breach, originating in late 2024 but detected in May, cost Coinbase an estimated $307 million in remediation, reimbursements, and security upgrades—making it one of 2025’s costliest non-hacking incidents. It highlights persistent insider threats in outsourced operations.
Coinbase has enhanced internal controls, terminated involved contractors, and cooperated with international authorities, including U.S. prosecutors. The arrest marks the first in the case, with more expected amid ongoing investigations.
This development underscores growing cross-border enforcement in crypto crimes and the need for robust safeguards against human vulnerabilities in global support teams. Users are advised to enable 2FA and remain vigilant against phishing. Markets remain volatile; conduct independent research.
