Ex-Coinbase Agent Arrested in India For 2025 Security Breach

Indian law enforcement has arrested a former customer service agent tied to a significant data breach at Coinbase, the U.S. cryptocy exchange. The arrest was revealed by Coinbase CEO Brian Armstrong in a post on X, where he thanked the Hyderabad Police and said authorities are continuing efforts to bring “bad actors” to justice. Armstrong indicated this is the first arrest in a larger probe and suggested further detentions may follow.

India Law enforcement has yet to make any public announcement regarding the arrest. The arrest connects back to a major breach disclosed by Coinbase in mid-2025, in which hackers reportedly bribed outsourced support personnel to extract sensitive customer data. The breach, which affected tens of thousands of users and triggered at least one class-action lawsuit, was traced to agents working for TaskUs, a Texas-based business process outsourcing (BPO) firm with centers in India.

According to disclosures, the attackers were unable to access private keys or passwords. However, the stolen customer information was sufficient to carry out targeted social engineering attacks, where victims were impersonated and persuaded to hand over access to their accounts. Coinbase warned that remediation, reimbursements, and security upgrades related to the breach could cost the company around four hundred million dollars. Reports also indicated that the attackers attempted to extort Coinbase for $20 million, threatening to further exploit the stolen data.

Separately, U.S. authorities recently arrested Ronald Spektor, a 23-year-old Brooklyn resident, in connection with a widespread phishing and impersonation scam that targeted Coinbase users. Prosecutors in Brooklyn charged Spektor with orchestrating a scheme that allegedly stole nearly $16 million in cryptocy from about 100 Coinbase users nationwide by impersonating Coinbase support representatives and convincing victims that their assets were at risk. The Coinbase case highlights how social engineering, rather than direct system hacks, has emerged as one of the most effective attack vectors against crypto users in 2025.

Terron Gold