Coinbase CEO Confirms Arrest in India Linked to Data Breach Scandal

TLDR

• Indian authorities arrest a former Coinbase agent tied to a data breach in May 2025.
• Coinbase faces $307 million in breach-related costs after cybercriminals accessed user data.
• Coinbase offered a $20 million bounty for information leading to arrests in the data breach.
• The breach, starting in December 2024, impacted 69,461 Coinbase users worldwide.

Coinbase CEO Brian Armstrong announced the arrest of a former customer service agent in India in connection with the company’s insider data breach disclosed in May 2025. Armstrong made the announcement on the social media platform X (formerly Twitter), stating that “another one down and more still to come.” This arrest marks a significant step in the ongoing investigation into a breach that affected over 69,000 Coinbase users.

The Data Breach Incident

The data breach, which began in December 2024, involved a cybercrime scheme in which hackers bribed offshore customer service agents to steal sensitive data from Coinbase users. The stolen data included personal information such as names, addresses, phone numbers, and government identification numbers.

According to Coinbase’s filing with the Maine Attorney General’s Office, the breach impacted 69,461 users. The hackers behind the attack demanded a ransom of $20 million, which Coinbase chose not to pay. Instead, the company launched a matching bounty program for any information that could lead to the arrest of the criminals involved.

In response to the breach, Coinbase confirmed that it had incurred $307 million in expenses related to the incident, including costs for customer reimbursements and remediation efforts. The company has been working closely with law enforcement agencies to investigate the breach and hold those responsible accountable.

Connection to Business Process Outsourcing Firm TaskUs

A key element in the investigation pointed to the involvement of agents at TaskUs, a business process outsourcing (BPO) firm based in Texas but with operations in India. TaskUs employees were allegedly recruited by a broader criminal network targeting Coinbase and other companies.

A report by Fortune revealed that TaskUs had identified two employees who had been involved in the data theft, but the scale of the criminal network appears to have impacted other businesses that utilized TaskUs for customer support services.

A TaskUs spokesperson noted that the firm had taken appropriate measures by identifying the compromised employees and cooperating with law enforcement. While TaskUs works to prevent future incidents, this breach underscores the growing risks of data theft through insider threats, especially in outsourcing operations.

Coinbase’s Response and Legal Actions

The arrest in India follows Coinbase’s efforts to bring the culprits to justice, including the launch of a $20 million bounty program aimed at uncovering leads in the case. In addition to these efforts, the company has faced legal action.

Coinbase is currently dealing with a shareholder class action lawsuit over the delayed disclosure of the breach. The lawsuit claims that the company should have informed the public and its shareholders about the breach sooner.

Coinbase’s proactive stance on dealing with cybercrime has been a point of focus. The company continues to work with law enforcement, and CEO Brian Armstrong has emphasized that more arrests are expected as the investigation continues. Armstrong reiterated Coinbase’s zero-tolerance policy for insider threats, signaling that the company is committed to holding all parties involved in the breach accountable.

Ongoing Investigation and Legal Proceedings

This arrest in India represents just the beginning of what is expected to be an extended legal process. The breach, which involved a highly coordinated scheme, is under investigation by both U.S. and Indian authorities. Law enforcement agencies in both countries have been working together to track down all individuals connected to the crime.

Additionally, a separate investigation in Brooklyn resulted in the indictment of Ronald Spektor, a man accused of stealing $16 million from approximately 100 Coinbase users through a phishing scheme. This highlights the broader problem of cybercrime targeting cryptocurrency platforms, where both phishing and insider threats are significant concerns for companies like Coinbase.

The legal proceedings surrounding this case are expected to continue as Coinbase faces additional scrutiny from shareholders and regulatory bodies. With the company’s public announcement of this first arrest, there is an expectation that more arrests will follow as the investigation progresses.

The post Coinbase CEO Confirms Arrest in India Linked to Data Breach Scandal appeared first on CoinCentral.