CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Former Coinbase Support Agent Arrested for Facilitating Data Breach

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

A former Coinbase customer support agent was arrested in Hyderabad, India, for assisting hackers in stealing sensitive customer data from a company database in early 2025. The breach exposed personal information of approximately 69,500 customers, including names, dates of birth, partial SSNs, addresses, phone numbers, email addresses, and KYC documents. The hackers demanded a $20 million ransom. The incident involved bribed employees of TaskUs, a customer support outsourcing firm in India. Additionally, a separate scammer, Ronald Spektor, was charged for impersonating Coinbase and stealing $16 million from 100 victims.

Timeline

  1. 29.12.2025 16:16 1 articles · 23h ago

    Former Coinbase Support Agent Arrested for Data Breach

    A former Coinbase customer support agent was arrested in Hyderabad, India, for assisting hackers in stealing sensitive customer data. The breach, which occurred through TaskUs, exposed personal information of 69,500 customers and led to a $20 million ransom demand. The incident involved bribed employees of TaskUs, and the firm shut down an entire department of 226 employees. Additionally, a separate scammer, Ronald Spektor, was charged for impersonating Coinbase and stealing $16 million from 100 victims.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Coupang Data Breach Exposes 33.7 Million Customer Records

Coupang, a South Korean e-commerce platform, confirmed a data breach affecting 33.7 million customers, including names, emails, phone numbers, physical addresses, and order information. The breach, initially detected on June 24, 2025, but discovered on November 18, 2025, was traced to an overseas unauthorized access. The Seoul Metropolitan Police identified a suspect, a former Coupang employee from China, who has left South Korea. The breach did not expose payment information or login credentials. Coupang has blocked the access route and strengthened internal monitoring. The police are investigating potential vishing or smishing activities related to the breach. On December 10, 2025, Coupang's CEO, Park Dae-jun, stepped down, taking full responsibility for the data breach and the company's response. Harold Rogers, the current chief administrative officer and general counsel based in Seattle, has been appointed as interim CEO. The Seoul Metropolitan Police raided Coupang's headquarters on December 9, 2025, to search for internal documents and records related to the breach. South Korea's Personal Information Protection Commission (PIPC) ordered Coupang to revise its liability exemption clause for data breaches and simplify its membership cancellation process. The suspect is a 43-year-old Chinese national who joined Coupang in November 2022 and left in 2024. The police are gathering records such as internal documents, logs, system records, IP addresses, user credentials, and access histories. The incident has sparked high-volume phishing activity in South Korea, affecting roughly two-thirds of its population, and the police have received hundreds of reports of Coupang impersonation since the start of the month. Coupang announced $1.17 billion (1.685 trillion Won) total compensation for the 33.7 million customers affected by the data breach. The compensation will be provided gradually, starting on January 15, 2026, to all Coupang customers, including WOW and non-WOW members, as well as those who canceled their membership. Each customer will receive four single-use purchase vouchers totaling 50,000 won (around $34). Coupang contacted the former employee directly earlier this month, met with them, and recovered their desktop computer's hard drives containing the sensitive data. A MacBook Air laptop belonging to the suspect was recovered from a river, where they disposed of it in an attempt to destroy evidence. The perpetrator accessed 33 million accounts but retained user data from approximately 3,000. The former employee did not transfer any of this data to others and subsequently deleted it from his devices.

Open in new tab