A massive security breach at Coinbase has left over 69,000 users vulnerable. Instead of sophisticated hacking tactics, the attackers leveraged a cost-cutting strategy: bribing call center workers in India, leading to significant financial losses and raising questions about data protection practices in the industry. The hackers, reportedly teenagers fluent in American English, exploited a customer service team at TaskUs, an outsourcing firm handling Coinbase’s calls since 2017. Their access to internal systems allowed them to impersonate Coinbase employees and deceive users into handing over their cryptocurrencies. The breach, made public on May 15, could cost Coinbase up to $400 million. 2023 saw TaskUs lay off 226 employees from its Indore facility after admitting that two employees had illegally accessed client data. TaskUs claims the breach was part of a larger coordinated campaign targeting multiple service providers. Coinbase is not only facing these costs, but also has been hit by a class-action lawsuit over negligence in safeguarding user data. Concerns are growing about the security implications of outsourcing customer support to India. The incident highlights how vulnerable tech companies are when their employees aren’t properly trained or adequately compensated. Investigations are ongoing into who exactly orchestrated this attack and whether they were individuals or part of a larger social engineering network. This breach marks a critical turning point in how we view the use of Indian call centers for global users, highlighting the vulnerability of backend operations even with advanced encryption techniques.