The crypto platform had been aware of the data breach for months before the official announcement, internal sources reveal.
A Reuters investigation uncovered that Coinbase had been informed as early as January 2025 about a data breach involving outsourced customer support agents in India. Six sources familiar with the matter confirmed that the exchange knew sensitive user information had been compromised through its contractor, TaskUs, months before the formal disclosure in May.
On May 14, in a filing with the SEC, TaskUs documented part of the breach, in which an employee at its Indian office was caught photographing his work computer screen with a personal phone. Five former TaskUs workers confirmed that this employee and an alleged accomplice had been bribed by hackers to obtain Coinbase user data.
Coinbase had a long-standing partnership with TaskUs, a Texas-based outsourcing company, to reduce labor costs by assigning customer support functions to offshore teams. Since 2017, TaskUs agents handled Coinbase customer inquiries, often from lower-wage countries like India, where employees earned between $500 and $700 per month.
The financial impact of the breach
The exchange estimated that the breach could cost the company up to $400 million. In its May filing, Coinbase admitted it hadn’t fully grasped the extent of the attack until May 11, when it received a $20 million extortion demand. In response, the company terminated the TaskUs employees responsible for the breach, along with several other unnamed foreign contractors.
