Home > Security > Security News

Former Coinbase Support Agent Arrested in India Over Insider Data Breach

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
Office - Police Files - Handcuffs
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google
Key Takeaways
  • Insider Threat: Authorities in India have arrested a former customer service agent for allegedly facilitating unauthorized access to Coinbase's internal systems.
  • Data Exposure: The breach compromised sensitive PII and KYC documentation of approximately 69,500 users.
  • Enforcement Action: This arrest marks a development in the ongoing investigation into the May 2025 incident involving bribed outsourcing employees.

A former Coinbase customer support representative was arrested by law enforcement officials in Hyderabad, India. The unnamed individual is accused of collaborating with cybercriminals to exfiltrate sensitive user information from the American cryptocurrency exchange and financial services company's database earlier this year. 

Arrest Follows Investigation into Insider Facilitation

This action follows a cryptocurrency data breach initially disclosed by Coinbase in May 2025, where rogue employees at an outsourcing partner, TaskUs, were bribed to grant system access to external threat actors. 

In subsequent disclosures, Coinbase acknowledged that unauthorized access by other, unnamed overseas support agents was implicated in the data breach.

Arrest announcement
Arrest announcement | Source: Brian Armstrong on X

Coinbase CEO Brian Armstrong has indicated that one further detention is anticipated as the investigation proceeds.

Scope of the Coinbase Customer Data Leak

The incident exposed a critical vulnerability within the support supply chain. The Coinbase customer data leak affected roughly 69,500 customers, compromising highly sensitive Personally Identifiable Information (PII), including names, dates of birth, physical addresses, and the last four digits of Social Security numbers. 

Furthermore, the breach involved the theft of scanned documents related to "Know Your Customer" (KYC) compliance protocols. The attackers originally demanded a $20 million ransom to withhold publication of the stolen data, a demand the company refused.

In response to the incident, TaskUs terminated the involved personnel and ceased operations for the specific department associated with the breach in January. 

This month, law enforcement dismantled a €700 million crypto fraud and laundering network and the Cryptomixer laundering service.

Add a Comment
Related
Cryptojacking
Hacker Arrested in KMSAuto Clipper Malware Campaign Targeting Cryptocurrency
Cyber Job Moves 29 December
Recent Cybersecurity Appointments Across Government, Banking, and Technology
Hacker Camera Map Surveillance
HoneyMyte APT Campaign Uses Kernel-Mode Rootkit to Deploy ToneShell
IoT - Pet Food - Feeder - Laptop - Phone
IoT Device Vulnerabilities in Smart Pet Feeders: Petlibro Exposes Pet, User and Employee Details
Data center - Server racks - Man - Monitor
MongoDB Flaw Allows Unauthenticated Memory Access, Immediate Patching Required
Riverbank – Laptop – Investigators – Evidence bags
Accused Coupang Data Thief Threw Laptop into the River, Founder Apologizes for Recent Data Breach 
Most Popular
Cryptojacking
Hacker Arrested in KMSAuto Clipper Malware Campaign Targeting Cryptocurrency
Cyber Job Moves 29 December
Recent Cybersecurity Appointments Across Government, Banking, and Technology
Hacker Camera Map Surveillance
HoneyMyte APT Campaign Uses Kernel-Mode Rootkit to Deploy ToneShell
IoT - Pet Food - Feeder - Laptop - Phone
IoT Device Vulnerabilities in Smart Pet Feeders: Petlibro Exposes Pet, User and Employee Details
Data center - Server racks - Man - Monitor
MongoDB Flaw Allows Unauthenticated Memory Access, Immediate Patching Required
Riverbank – Laptop – Investigators – Evidence bags
Accused Coupang Data Thief Threw Laptop into the River, Founder Apologizes for Recent Data Breach 
Hacker Arrested in KMSAuto Clipper Malware Campaign Targeting Cryptocurrency
Recent Cybersecurity Appointments Across Government, Banking, and Technology
HoneyMyte APT Campaign Uses Kernel-Mode Rootkit to Deploy ToneShell
IoT Device Vulnerabilities in Smart Pet Feeders: Petlibro Exposes Pet, User and Employee Details
MongoDB Flaw Allows Unauthenticated Memory Access, Immediate Patching Required
Accused Coupang Data Thief Threw Laptop into the River, Founder Apologizes for Recent Data Breach 

Most Popular
Cryptojacking
Hacker Arrested in KMSAuto Clipper Malware Campaign Targeting Cryptocurrency
Cyber Job Moves 29 December
Recent Cybersecurity Appointments Across Government, Banking, and Technology
Hacker Camera Map Surveillance
HoneyMyte APT Campaign Uses Kernel-Mode Rootkit to Deploy ToneShell
IoT - Pet Food - Feeder - Laptop - Phone
IoT Device Vulnerabilities in Smart Pet Feeders: Petlibro Exposes Pet, User and Employee Details
Data center - Server racks - Man - Monitor
MongoDB Flaw Allows Unauthenticated Memory Access, Immediate Patching Required
Riverbank – Laptop – Investigators – Evidence bags
Accused Coupang Data Thief Threw Laptop into the River, Founder Apologizes for Recent Data Breach 
Hacker Arrested in KMSAuto Clipper Malware Campaign Targeting Cryptocurrency
Recent Cybersecurity Appointments Across Government, Banking, and Technology
HoneyMyte APT Campaign Uses Kernel-Mode Rootkit to Deploy ToneShell
IoT Device Vulnerabilities in Smart Pet Feeders: Petlibro Exposes Pet, User and Employee Details
MongoDB Flaw Allows Unauthenticated Memory Access, Immediate Patching Required
Accused Coupang Data Thief Threw Laptop into the River, Founder Apologizes for Recent Data Breach 

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2025 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: