Police in India have arrested a former Coinbase customer support agent who’s believed to have been bribed by cybercriminal gangs to entry delicate buyer data.
Coinbase CEO Brian Armstrong introduced the arrest on Twitter.
“We’ve zero tolerance for unhealthy habits and can proceed to work with legislation enforcement to convey unhealthy actors to justice,” tweeted Armstrong. “Due to the Hyderabad Police in India, an ex-Coinbase customer support agent was simply arrested. One other one down and extra nonetheless to come back.”
The arrest pertains to a information breach that Coinbase disclosed again in Could 2025, when it revealed that help workers had been bribed by criminals at hand over buyer information. The scheme had truly begun months earlier than, though the agency’s inside safety groups didn’t spot any suspicious exercise till January.
When the hackers lastly made contact in Could, they demanded a US $20 million ransom and threatened to leak the main points of practically 70,000 prospects on the darkish net if Coinbase did not pay up – together with names, addresses, telephone numbers, e mail addresses, photos of presidency IDs, masked Social Safety numbers, and checking account data.
Coinbase refused to co-operate with its extortionists.
As an alternative, the cryptocurrency change introduced that it might put that very same US $20 million in direction of a reward fund for data resulting in the arrest and conviction of these answerable for the assault.
On the time, firm CEO Brian Armstrong launched a video apologising to prospects, and promising to pursue these accountable and produce them to justice.
In interviews for the reason that incident, Armstrong has described how cybercriminal gangs had been providing US $250,000 bribes to customer support representatives to leak delicate information.
“We began getting buyer help brokers get provided like 250 grand bribes to show over buyer data. You supply 1,000 folks 250k to show over some data like that. They’ll discover one or two unhealthy apples. After which the attackers would name up our prospects and say, hey, here is Coinbase help. Are you blah blah blah who lives at this tackle? And it might create credibility and they’d attempt to inform them, hey, your account has been compromised. Like it’s worthwhile to transfer your funds instantly and like kind of trick folks into sending their funds to the attacker.”
It’s estimated that the breach might in the end price Coinbase as much as US $400 million, together with reimbursements to affected prospects.
The newly-reported arrest has led some critics to recommend that Coinbase’s determination to outsource customer support operations abroad might have contributed to the issue within the first place.
The argument goes that it may be simpler for a cybercriminal to bribe somebody when they’re poorly paid and never handled effectively.
It is a reminder that regardless of how refined your technical safety measures may be, the human ingredient stays a persistent vulnerability – notably when buyer help capabilities are outsourced to 3rd events who could also be tougher to vet and monitor.
