Revised lawsuit against the American outsourcing company TaskUs: Accusations that the company concealed key information regarding the Coinbase data breach and downplayed the scale of internal personnel involvement.
According to the Greenbaum Olbrantz law firm, which initially filed a class action lawsuit in May and submitted a revised complaint on Tuesday, a TaskUs employee named Ashita Mishra is a central figure in this incident affecting over 69,000 users of the exchange.
Coinbase disclosed the breach in May, stating that it had compensated affected users, notified regulators, and strengthened internal security controls while terminating its partnership with TaskUs.
TaskUs Employee Bribed to Leak Coinbase Data
The complaint alleges that Mishra, along with other unnamed accomplices, stole confidential information from Coinbase customers between September of last year and January of this year, selling it to hackers. These hackers used the information to impersonate Coinbase employees and steal cryptocurrency from unsuspecting victims. Coinbase previously claimed that the breach occurred in December.
"Ms. Mishra was involved in a complex, centralized conspiracy that transferred Coinbase customer data from TaskUs computers to the core members of a criminal group," the lawsuit cites a TaskUs employee responsible for investigating the incident.
According to the documents, Mishra and another key accomplice manipulated a "disconnected circle of TaskUs employees," who were unaware that others were also involved in the scheme. This structure was designed so that "even if one link in the conspiracy was caught, it could continue to steal highly sensitive personal identification information from TaskUs."
Criminals allegedly paid Mishra's team $200 for each photo containing Coinbase data. According to an earlier lawsuit from Coinbase, she sometimes took up to 200 photos a day. When TaskUs became aware of the breach, it was claimed that her phone contained information on over 10,000 Coinbase customers.
TaskUs Accused of Concealing Information
Other allegations in the revised lawsuit focus on TaskUs "taking measures to suppress personnel who were aware of the breach." The company previously fired nearly 300 employees from its Indore, India office, with the lawsuit stating that this was because the conspiracy "had widely infiltrated the TaskUs system to the extent that the company could not identify all involved personnel."
Reports indicate that TaskUs also disbanded its human resources team and fired employees responsible for investigating the breach. The revised complaint describes this as a "pattern of concealment." "Based on known information, TaskUs concealed the true extent of its security failures by firing these employees," the lawsuit added.
Other violations include TaskUs's failure to disclose the involvement in the Coinbase breach in its 10-K form submitted in February, effectively indicating to regulators and investors that the company was "unaware of any significant data breach" at that time.
According to earlier investigation results, a hacker group self-identified as "the Comm" is suspected to be the mastermind behind the incident. Although the incident did not result in a loss of funds for the exchange, the acquisition of sensitive customer information raised concerns about the risks of identity theft and phishing for affected users.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
