Credential theft
Coinbase Insider Bribery Data Breach
Incident Details
Attackers bribed at least one overseas customer support agent, contracted through the third-party vendor TaskUs, to access and steal Coinbase customer data from internal support systems. The stolen data, covering approximately 69,461 customers, included names, addresses, phone numbers, email addresses, masked SSNs, masked bank account numbers, government-issued ID images (KYC), and account balance snapshots. No passwords, private keys, or seed phrases were compromised.

The attackers demanded a $20 million ransom; Coinbase refused and instead offered a $20 million reward for information leading to the attackers’ arrest. Total costs, including remediation and customer reimbursements, are estimated at up to $400 million. Multiple criminal investigations have been opened. The incident highlights the risk of insider threats at third-party vendors in high-value fintech operations.
Technical Details
- Initial Attack Vector
  - Insider threat: cybercriminals bribed overseas customer support contractors (employed through the vendor TaskUs) to exfiltrate customer data from internal support tools
Timeline
- 2025-01-01 Breach occurred
- 2025-05-15 Publicly disclosed
- 2025-05-15 Customers notified