Ethical Hacking News
Coinbase has confirmed an insider breach after a contractor improperly accessed customer information, highlighting concerns over the security of Business Process Outsourcing (BPO) companies. The incident raises questions about the risks associated with leaking sensitive customer information and the need for organizations to review their security measures.
Coinbase has confirmed an insider breach after a contractor improperly accessed customer information. The incident impacted approximately thirty customers, with the individual responsible no longer performing services for the company. The breach highlights concerns over the security of Business Process Outsourcing (BPO) companies. Threat actors are increasingly targeting third-party companies with access to corporate networks and data. The incident serves as a reminder for companies to review their security measures and implement robust controls to prevent insider breaches.
Coinbase, a leading cryptocurrency exchange platform, has confirmed an insider breach after a contractor improperly accessed customer information. The incident is linked to leaked support tool screenshots posted by threat actors known as "Scattered Lapsus Hunters" (SLH). According to Coinbase, the breach impacted approximately thirty customers, with the individual responsible no longer performing services for the company.
The breach highlights concerns over the security of Business Process Outsourcing (BPO) companies, which provide operational tasks such as customer support, identity verification, IT help desk services, and account management. BPO employees often have access to sensitive internal systems and customer information, making them a high-value target for attackers.
Threat actors have exploited BPOs through various means, including bribing insiders with legitimate access, social engineering support staff to grant unauthorized access, and compromising BPO employee accounts to reach internal systems. In the past year, there have been numerous cases of BPO companies being targeted by threat actors, resulting in data breaches and other security incidents.
Coinbase's disclosure comes after a similar incident last year, linked to external customer support representatives employed by TaskUs, an outsourcing firm that provides services to the crypto exchange. Another common tactic used by threat actors is social engineering attacks against outsourced IT and support desks, where they impersonate employees and call BPO help lines to obtain access to internal corporate systems.
The use of leaked screenshots from internal Coinbase support interfaces has raised concerns over the security of similar systems in other organizations. The incident serves as a reminder for companies to review their security measures and implement robust controls to prevent insider breaches and protect sensitive customer information.
In response to the attacks on M&S and Co-op retail companies, the U.K. government issued guidance on social engineering attacks against help desks and BPOs. This incident highlights the need for organizations to take proactive steps to prevent similar breaches and ensure the security of their systems.
Discord also disclosed a data breach in October, allegedly exposing data from 5.5 million unique users after its Zendesk support system instance was compromised by threat actors who used a compromised account belonging to a support agent employed by an outsourced BPO provider.
The repeated abuse of outsourced support providers shows how threat actors are increasingly bypassing vulnerability exploits and instead targeting third-party companies with access to corporate networks and data. The incident highlights the need for organizations to review their security measures and implement robust controls to prevent insider breaches and protect sensitive customer information.
In conclusion, the Coinbase insider breach raises concerns over the security of Business Process Outsourcing (BPO) companies and the risks associated with leaking sensitive customer information. The incident serves as a reminder for companies to review their security measures and implement robust controls to prevent insider breaches and protect sensitive customer information.
Related Information:
https://www.ethicalhackingnews.com/articles/Coinbase-Insider-Breach-Leaked-Support-Tool-Screenshots-Raise-Concerns-Over-BPO-Security-ehn.shtml
https://www.bleepingcomputer.com/news/security/coinbase-confirms-insider-breach-linked-to-leaked-support-tool-screenshots/
https://www.theregister.com/2025/05/21/coinbase_confirms_insider_breach_affects/
Published: Wed Feb 4 06:04:08 2026 by llama3.2 3B Q4_K_M
