In May, Cryptocurrency giant coinbase revealed a major data violation, affecting over 69,000 customers – its biggest security failure ever. Breach, which could cost the company to $ 400 million, hackers in India to leak sensitive data after bribing customer service workers in India, according to A. Report in luck.
Role of outsourcing
Hackers targeted taskus employees, a US-based company that provides customer service assistance to major technical firms. Taskus has a major presence in India, and its agents have held support for the coinbase since 2017 in Indore. In January, Taskus gave more than 200 time Indian employee Working for the coinbase – a few weeks after the discovery of data theft.
India does not have taskus salary high – often between $ 500 and $ 700 per month. Due to low salary, some workers in India were persuaded to hand over confidential customer records in exchange for bribe. The coinbase confirmed that relations with individuals involved and other foreign agents have been cut.
Sergio Garcia, the founder of Crypto Investigation Company Traselon, said, “Obviously it is the weakest point in the series, as there is an economic reason for him to accept bribes.”
Hackers used data for social scams
The stolen information was not enough to reach the crypto vaults of the coinbase directly. Instead, criminals used it coincidence Staff and trick to give their crypto property to customers. These social engineering scams led the real financial loss, although the coinbase has not ascertained how many customers have lost funds. The company says it is reimbursing the affected users.
Legal trouble and taskus response
A class action case has been filed in New York alleging negligence. The company says that the claims are baseless and say it is strengthening its safety measures. Taskus believes that two agents were part of a comprehensive plan associated with attacks on several service providers associated with the coinbase.
Who is behind it?
Hackers are believed to be considered part of a relaxedly connected group, known as “The Com” or “Community”-Youva, English-speaking cyber criminals that coordinate through telegram and discord. Unlike traditional hacking groups Russia Or North Korea, Com, contains adolescents and young adults who often compete online for attention and success.
According to a hacker, who spoke with luck under the surname “Puffy Party”, various members of the group handled various parts of the operation: bribing agents, collecting data and carrying out the scam.
