Police in India have arrested a former Coinbase customer support agent who’s believed to have been bribed by cybercriminal gangs to entry delicate buyer data.
Coinbase CEO Brian Armstrong introduced the arrest on Twitter.
“We’ve zero tolerance for unhealthy conduct and can proceed to work with regulation enforcement to deliver unhealthy actors to justice,” tweeted Armstrong. “Due to the Hyderabad Police in India, an ex-Coinbase customer support agent was simply arrested. One other one down and extra nonetheless to return.”
The arrest pertains to a information breach that Coinbase disclosed again in Could 2025, when it revealed that assist employees had been bribed by criminals at hand over buyer data. The scheme had truly begun months earlier than, though the agency’s inner safety groups didn’t spot any suspicious exercise till January.
When the hackers lastly made contact in Could, they demanded a US $20 million ransom and threatened to leak the main points of practically 70,000 clients on the darkish internet if Coinbase did not pay up – together with names, addresses, cellphone numbers, e mail addresses, photographs of presidency IDs, masked Social Safety numbers, and checking account data.
Coinbase refused to co-operate with its extortionists.
As an alternative, the cryptocurrency trade introduced that it could put that very same US $20 million in direction of a reward fund for data resulting in the arrest and conviction of these liable for the assault.
On the time, firm CEO Brian Armstrong launched a video apologising to clients, and promising to pursue these accountable and produce them to justice.
In interviews for the reason that incident, Armstrong has described how cybercriminal gangs had been providing US $250,000 bribes to customer support representatives to leak delicate information.
“We began getting buyer assist brokers get supplied like 250 grand bribes to show over buyer data. You supply 1,000 individuals 250k to show over some data like that. They are going to discover one or two unhealthy apples. After which the attackers would name up our clients and say, hey, here is Coinbase assist. Are you blah blah blah who lives at this tackle? And it could create credibility and they might attempt to inform them, hey, your account has been compromised. Like you might want to transfer your funds instantly and like form of trick individuals into sending their funds to the attacker.”
It’s estimated that the breach might in the end price Coinbase as much as US $400 million, together with reimbursements to affected clients.
The newly-reported arrest has led some critics to recommend that Coinbase’s determination to outsource customer support operations abroad might have contributed to the issue within the first place.
The argument goes that it may be simpler for a cybercriminal to bribe somebody when they’re poorly paid and never handled effectively.
It is a reminder that irrespective of how subtle your technical safety measures is perhaps, the human component stays a persistent vulnerability – significantly when buyer assist capabilities are outsourced to 3rd events who could also be more durable to vet and monitor.
