in May, Coinbase open The infiltrators dismantled the personal data of thousands of customers, which criminals used to deceive customers to hand them over to encryption. While the penetration, which says Coinbase will cost him up to $ 400 million, stems from Rogue employees in The use of external sources in IndiaThe largest encryption exchange in the United States provided some details about who was specifically responsible. Now, a new court presentation It provides a closer look at a suspect and how it helped implement the breach, which is the worst in the history of Coinbase.
According to the amended complaint filed by Greenbauum Olbrantz, a Class-Action, is linked to the penetration of Ashita Mishra, a Taskus employee, a Texas-based company in circulated in Texas that depends on customer service support for large technology companies to cheap labor markets. Merena worked at the Taskus Service Center in Endor, India.
In September 2024, it began to steal secret customer data, including social security and bank account information, claiming the lawsuit. Merena agreed to sell information to infiltrators, who used it to impersonate the Coinbase staff and attract victims to abandon the encryption.
From September to January, Mishra and another partner have recruited other Taskus employees to steal customer information in “a sophisticated conspiracy to the center and speaking that converted Coinbase’s data from Taskus Computers to criminals,” so that the team leaders and operating managers were complicit, as she claimed the complaint, referring to a former Taskus employee.
When Taskus eventually became wise in the breach, the Mishra phone has data for more than 10,000 Coinbase customers. She and others who were part of the conspiracy paid $ 200, according to the complaint. Sometimes, Mishra took up to 200 photos of Coinbase’s customer accounts daily. More than 69,000 customers, coinbase affected He said In organizational deposits.
It seems that the mastermind behind the bribery scheme are teenagers and twenty who are part of a loose group of criminal infiltrators called “Comm,” luck I mentioned earlier.
The claim that the theft of data started in September 2024 is important because Coinbase was previously I mentioned The date of the breach was in late December.
In another noticeable development, taskus alleged In this month, Coinbase staff, not only outside the sellers, participated in penetration, but the outer arc did not explain more.
Coinbase and Taskus did not immediately respond to requests to comment on the modified complaint. luck He was unable to find contact information for Ashita Merena.
“We put a top priority in protecting the data of our customers and customers and continuing to enhance global safety protocols and training programs,” said Taskus spokesman previously. luck.
“We have informed the affected users and organizers, cut ties with other Taskus employees and other external agents, and tightening controls,” said a Coinbase spokesman in a previous statement about the penetration.
“Hide pattern”
The narration shown in the complaint is the most detailed account so far for one of the largest encryption breakthroughs for this year and the largest violation of Coinbase in its history, which is not somewhat intended.
Other prosecutors’ lawyers sued the exchange of penetration. Coinbase has prompted these lawsuits to enter, a process that historically helped companies reduce both financial damage and negative propaganda.
This most likely explains the reason the class company chose to prosecute Coinbase Outsourcer, Taskus, instead of going to the encryption company directly.
As part of her complaint, the law office claims that Taskus “took steps to silence those who have a violation.” In January, the external arc fired 226 employees working in Endor, luck I mentioned earlier. The company took the short measure because the plot “has ranked largely to Taskus to the point that Taskus was unable to identify all the individuals concerned,” referring to a former employee in the outdoor arena.
On February 10, Taskus decided to launch the human resources team that brings it to investigate the breach, while the lawsuit claimed that it was “a pattern of concealment.”
The introduction of the new court from Greenbum Ulbrantz is a previous complaint foot In May, about two weeks after the hacker was detected. The company has previously brought high -level claims, including a suit This claims that airlines sold customer windows, only for their seats next to the walls without windows.
Coinbase tried to include the lawsuit to unify all complaints related to penetration against encryption exchange. Taskus moved to rejecting the lawsuit and preventing the inclusion of the case in the largest unified complaint.
“Our amended complaint provides an unprecedented accounting for how this violation of data will continue and we will continue to work to hold all the responsible parties accountable.”
https://fortune.com/img-assets/wp-content/uploads/2025/09/GettyImages-1247584215.jpg?resize=1200,600
Source link