The revision of the New York class action lawsuit against Taskus adds new claims of systematic security obstacles and concealment in violations related to Coinbase customer data.
Corrected complaintsFiling in the Southern District of New York on Tuesday, adds a key element to previous disclosures about how Coinbase customer data was handled across a timeline of massive violations, from its late 2024 origins to Coinbase’s final one. Disclosure In May, it was estimated that the loss would reach up to $400 million.
“This is a criminal bribery scheme that abused both external vendors and a small number of Coinbase CX staff outside the US in the second half of 2024, allowing social engineering fraud for less than 1% of monthly trading users,” a Coinbase spokesperson said. Decryption.
Crypto Exchange said it immediately notified affected users and regulators and gave refunds to customers who affected it when tightening controls for vendors and insiders.
Coinbase then terminated its relationship with Taskus and refused to “pay the criminals.” Decryption.
Taskus didn’t return soon Decrypt’s Request a comment.
A significant change in the complaint explains a coordinated scheme within Taskus’ Indian operations. The employee is said to have acquired bribery to photograph sensitive account information and hand it over to criminals. The plaintiffs say the conspiracy has spread beyond frontline staff, urging Tasks to fire around 300 employees in January.
“A coordinated crime campaign”
The outsourcing company’s official statement said, “We believe in a much broadly coordinated criminal campaign that includes dozens, if not hundreds of Tasks employees,” the complaint said.
The submission also accuss Taskus of hiding the scope of the violation. According to the plaintiffs, the company “takes steps to silence those with knowledge of the violation,” and fired its own HR officer in February, tasked with investigating the violation.
It then continued to inform regulators that it had not undergone any serious violations, and moved forward with a $1.6 billion acquisition via Blackstone before Coinbase admitted the incident in May.
Form 10-K Submit Before Coinbase admitted the incident in May, it effectively claimed that it “is not aware of any significant data breach affecting the company” before Coinbase admitted the incident in May.
The revised complaints also expand the claim that Taskus ignored Section 5 of the FTC Actframing stale as systematic rather than isolated.
These standards guide what businesses should do to avoid “unfair” practices, Andrew Rossow, CEO of Andrew Affairs Attorney and CEO; Decryption. “Not all guidance is legally binding, but ignoring it can demonstrate that the company is careless or misleading.”
The courts and regulators are considering whether the compromised data is sensitive enough to be exposed to identity theft and financial loss, Rosseau explained.
It also examines whether safeguards such as encryption and multi-factor authentication have been adopted, whether risks are foreseeable, whether security promises are in line with reality, and whether consumers have the means to protect themselves.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
