Coinbase knew about the data leak in January

In a shocking revelation, Reuters reported that Coinbase had prior knowledge of a customer data leak since January. This raises questions about the company's delay in public disclosure. According to Coinbase's filing with the SEC, the company knew that contractors had accessed unnecessary data in the months prior. The company added that it was unaware that it was part of a larger operation until it received an extortion demand on May 11.

On May 15, Coinbase revealed a major cyber attack that involved the theft of personal information from high-profile users, such as Roelof Botha from Sequoia Capital. The hackers allegedly bribed and recruited dishonest foreign support agents to access users' personal data. The exchange platform stated: "No passwords, private keys, or funds were exposed. Prime accounts are intact."

However, the outsourcing company, TaskUS, claimed to have immediately notified Coinbase about the data leak after the detection by employees. The company identified an employee who was taking pictures of her work computer with her personal phone.

After the attack, the exchange platform promised to reimburse affected users and to cooperate with the Department of Justice investigation. However, it did not disclose whether it had prior knowledge of the attack. Legal director, Paul Grewal, stated: "We have notified and are working with the Department of Justice and other U.S. and international law enforcement agencies, and we are pleased that law enforcement is bringing criminal charges against these wrongdoers."

Furthermore, Reuters revealed that the Coinbase leak is related to a TaskUS agent based in India. It was this Indian-origin employee who was caught capturing images of her official computer.

According to reports, TaskUs laid off more than 200 employees in a mass firing. Three former employees and a person familiar with the matter confirmed that the company informed Coinbase about the incident. The former employees stated that company investigators or colleagues who witnessed the incident in Indore, India, informed them that the woman and an alleged accomplice reportedly sold customer information from Coinbase to hackers in exchange for bribes.

Moreover, the Reuters report added that Coinbase later stated it had recently discovered the incident. The platform added that it had "cut ties with the TaskUs staff involved and other foreign agents, and strengthened controls."