Coinbase cut ties with TaskUs, reimbursed victims, and launched a $20 million bounty for leads.
A newly unsealed court filing has revealed the most detailed account yet of the massive data breach that struck Coinbase earlier this year, exposing more than 69,000 users and causing damages estimated at $400 million.
The documents allege a coordinated insider scheme led by an employee of TaskUs, the customer service outsourcing firm hired by the exchange, and accuse the company of concealing the extent of the incident.
Court documents reveal further details of the Coinbase data breach. Ashita Mishra, an employee at Coinbase's outsourced customer service company in India, stole sensitive customer information, including social security numbers and bank account details, starting in September 2024.…
— Wu Blockchain (@WuBlockchain) September 17, 2025
Insider Theft at TaskUs
According to the court filing, Ashita Mishra, an employee at TaskUs’s Indore office in India, began stealing sensitive customer data in September 2024.
Using her phone, she allegedly photographed up to 200 customer records per day, including names, emails, addresses, bank account details, balances, and even Social Security numbers.
$200 Per Image
The stolen information was sold to hackers for $200 per image, who then used it to impersonate employees at the leading American crypto exchange and defraud users.
By the time Mishra was arrested in January 2025, her personal device reportedly contained data from more than 10,000 customers.
Investigators allege Mishra recruited supervisors and team leaders, turning the theft into a hub-and-spoke conspiracy within the TaskUs workforce.
The operation allegedly funneled Coinbase data from TaskUs systems to external hackers, who were linked to a loose criminal collective known as “the Comm.”
Allegations Against TaskUs
The complaint expands the case beyond insider misconduct, accusing TaskUs of negligence, fraud, and a deliberate effort to suppress the breach.
Plaintiffs argue that the company fired 226 employees in Indore and later dismantled its human resources investigation team in an attempt to silence those with knowledge of the breach.
They also allege TaskUs failed to disclose the incident while moving ahead with its $1.6 billion acquisition by Blackstone, calling this a “pattern of concealment.”
Coinbase Response
Coinbase has stressed that less than 1% of its active users were impacted and that it moved quickly once the breach surfaced.
The company reimbursed affected customers, offered free credit monitoring and identity restoration services, and terminated its relationship with TaskUs.
It also launched a $20 million bounty program for information leading to arrests and convictions, making the data breach one of the new cryptocurrency scams to surface in 2025.
next