Yahoo Financeยท2025-09-17 13:44Core Insights - A significant data breach at Coinbase exposed over 69,000 users, with damages estimated at $400 million [1] - The breach was allegedly orchestrated by an employee of TaskUs, the customer service outsourcing firm, who engaged in insider theft [2][4] - TaskUs is accused of negligence and attempting to conceal the breach, particularly during its $1.6 billion acquisition by Blackstone [5] Insider Theft Details - Ashita Mishra, a TaskUs employee, began stealing sensitive customer data in September 2024, capturing up to 200 records daily [2] - The stolen data included names, emails, addresses, bank account details, balances, and Social Security numbers [2] - Mishra sold the information to hackers for $200 per image, leading to significant user impersonation and fraud [3] Allegations Against TaskUs - The operation involved a conspiracy within TaskUs, with Mishra allegedly recruiting supervisors to facilitate the theft [3] - TaskUs is accused of firing 226 employees in an effort to suppress knowledge of the breach and dismantling its HR investigation team [4] - Plaintiffs claim that TaskUs failed to disclose the breach while pursuing its acquisition by Blackstone, indicating a pattern of concealment [5] Coinbase's Response - Coinbase reported that less than 1% of its active users were affected and acted swiftly after the breach was discovered [5] - The company reimbursed affected customers and provided free credit monitoring and identity restoration services [5] - Coinbase initiated a $20 million bounty program for information leading to arrests and convictions related to the breach [6]