Topic: 6000 coinbase clients hacked (Read 789 times)
I am one of the guys who got crooked when Cryptopia went down. To this day I'm waiting for the Claims for the heist to be sorted but it seems that is halted and I probably won't see any compensation back for the lost funds. I wonder if the guys who got hacked at Coinbase will ever have the option to claim their losses...
This is what we always worry about, even though we have completed all security requirements when on exchanges but because of data theft from various sources then all security systems are useless, this is what makes decentralized exchanges more attractive and I prefer to use Pancake swaps if I want to buy or sell coin.
Everything can't be done on pancakeswap, pancakeswap is only a decentralized exchange that allows you to trade cryptocurrencies and tokens without a centralized intermediary. Conbase and several other major exchanges such as Binance have features and advantages that will make crypto transactions easier. The security used is also getting updated and getting more secure. Security is not a guarantee that it will continue to be safe, but at least the big exchanges are safer and more trustworthy for our personal identities. 
Another example why using central exchanges is risky. The hackers knew private data of the users. One corrupt employee or one successful hack and bad guys capture your email, home address, phone number and sell it to local criminals who might knock on your door then best encrypted wallets are useless. Cryptocurrencies are designed for peer to peer usage. If you change it into peer to bank to peer then this adds some risks.
https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
This is what we always worry about, even though we have completed all security requirements when on exchanges but because of data theft from various sources then all security systems are useless, this is what makes decentralized exchanges more attractive and I prefer to use Pancake swaps if I want to buy or sell coin.
This is what the users are worried about. We do not know what happened . It is feared that people from inside may misuse the data or sell user data for their own benefit. However, Coinbase stated that it was not the result of the data that was obtained not from them. .we have to be careful about this .
This is a very large hack and this is all due to their personal data spread to third parties, and this is also a result of the weak security owned by coinbase and they will lose many users, let alone some say this is all due to negligence on the part of coinbase, hackers with difficulty obtaining user data then we have to be careful in using the central exchange because the risk is very large, and also the storage of personal data must always be at a high level of security,
Big error on the side of coinbase, really. Nowadays, hacking shouldn't be easy so the first thing that comes to mind when personal information about users get leaked out is that it may have been more of an inside job than a hacking incident. But of course, hacking cannot he singled out since nothing is impossible, may be difficult but not impossible. Whatever the case, the blame lies on coinbase still for not being able to protect the safety of the funds of their users. Google auth should've been required. And users should be wary too. If they are gon go and trade, then take it out after. Be it spot or futures.
I think it's a blame for both coinbase and those of it's users who still haven't learnt how insensitivity and exposed they are by leaving their funds in exchanges. I haven't read coinbase terms and conditions or disclaimer but with the numerous hacks on big exchanges like them selves then they should be a warning to clients leaving their huge funds in the exchange, the warning should be made to clients at the point of their registration. We have to stamp hacking out, it's impossible though but if it can be avoided, and loss reduced.
Big error on the side of coinbase, really. Nowadays, hacking shouldn't be easy so the first thing that comes to mind when personal information about users get leaked out is that it may have been more of an inside job than a hacking incident. But of course, hacking cannot he singled out since nothing is impossible, may be difficult but not impossible. Whatever the case, the blame lies on coinbase still for not being able to protect the safety of the funds of their users. Google auth should've been required. And users should be wary too. If they are gon go and trade, then take it out after. Be it spot or futures.
So since this happened what has Coinbase done about the users that were affected? Because 6000 is not a small number so I know that it’s going to be difficult for Coinbase to do something about this, unless maybe with time they might be able to settle all this users for the losses that they have been through on their platform. Making use of centralized platforms has always been a huge risk in the sense that when these centralized platforms gets hacked by any group of hackers they have access immediately to the user's database.
They gave them their money back.
And 6000 although it is a big number out of the millions of customers it is a very small percentage.
If you read the other articles online about it and the discussions about it, it looks like they were not hacked, but rather had an insecure setup on the 2FA that allowed the criminals to change the password of coinbase customers with just access to the customers email address. So they did not even need access to the coinbase systems.
Now, not saying that it's not a lapse in conbases procedures, but if you leave your wallet on the counter at the coffee shop and walk away and someone takes your cash.
The proper statement is not "I was robbed" it's more along the lines of "I had money stolen because I was not paying attention"
https://bitcointalksearch.org/topic/m.58083904 has what I thought happened, security people are saying that is was a bit different then that from the technical side but more or less what happened.
SMS is not and never was safe as a 2FA: https://bitcointalksearch.org/topic/for-all-of-you-that-still-think-sms-for-2fa-for-wallets-is-or-was-safe-5363971
-Dave
This is why I left coinbase few years ago. I'm pretty sure coinbase has been experienced similar issues continuously in past few years and for what I am experienced when I was using coinbase I would say the support is pretty bad in my opinion when I was using web wallet back in that day.
Quote
Unauthorized third parties exploited a flaw in the company's SMS account recovery process to gain access to the accounts, and transfer funds to crypto wallets not associated with Coinbase, the company said.
From what I just read on the news that OP posted, I do feel like they need to make better security because if we are talking about web wallet so security is the first factor you have to think first because your funds are vulnerable once your funds touch that type of wallet. 
In this case the extra vigilance that we have to do for the security of our assets, in the digital world there is always the sale of personal data misused by irresponsible parties and they are always looking for ways to get what they want even if the way they use is not right, and the security system applied to a device there is always a weakness and trust from the second party is also very important as it is with koinbase about the accuser. When we sell data to third parties, so in this case we are always careful with the personal data we have.
Another example why using central exchanges is risky. The hackers knew private data of the users. One corrupt employee or one successful hack and bad guys capture your email, home address, phone number and sell it to local criminals who might knock on your door then best encrypted wallets are useless. Cryptocurrencies are designed for peer to peer usage. If you change it into peer to bank to peer then this adds some risks.
https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
I don't believe the safety guarantee on all exchanges is 100% even if they tell you how secure the exchange is, don't keep your assets there. Well, at least once not for long. Regardless of how protected they claim to be? As long as there are many users on that exchange, they will forever be the target of hackers, who will continue to try to do what they can to steal all assets from users and a security without No exchanges are now 100% guaranteed, trust me, Coinbase is no exception. The best thing is that the exchange from Coinbase they will have a good measure that is to refund the money that the user has stolen. https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
Another example why using central exchanges is risky. The hackers knew private data of the users. One corrupt employee or one successful hack and bad guys capture your email, home address, phone number and sell it to local criminals who might knock on your door then best encrypted wallets are useless. Cryptocurrencies are designed for peer to peer usage. If you change it into peer to bank to peer then this adds some risks.
https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
So since this happened what has Coinbase done about the users that were affected? Because 6000 is not a small number so I know that it’s going to be difficult for Coinbase to do something about this, unless maybe with time they might be able to settle all this users for the losses that they have been through on their platform. Making use of centralized platforms has always been a huge risk in the sense that when these centralized platforms gets hacked by any group of hackers they have access immediately to the user's database.https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
And just like you have said a bad employee in the company can be stealing information and selling it to bad people who might decide to hack with whatever information that belongs to the users. So it’s very best that people learn to secure their assets and make sure they’re using the best practices.
Another example why using central exchanges is risky. The hackers knew private data of the users. One corrupt employee or one successful hack and bad guys capture your email, home address, phone number and sell it to local criminals who might knock on your door then best encrypted wallets are useless. Cryptocurrencies are designed for peer to peer usage. If you change it into peer to bank to peer then this adds some risks.
https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
even how hard or strict a exchange is but if there is corruption on going surely cases like this will continues to happen.https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
This is same reason that it is really hard to trust sites that asks KYC because it will always be the target of criminals.
People from some countries are not allowed to use decentralised non-regulated exchanges. Most of them are forced to use exchanges regulated by law, take the example of China or USA. Even major exchanges set in their TOS to not accept registrants from those countries for legal issues.
The point here is not to use centralised exchanges at all, especially as they are rgulated, but to not use those exchanges for big money long term holds. Always remember the rule 'Not your keys, Not your coins'
Another example why using central exchanges is risky. The hackers knew private data of the users. One corrupt employee or one successful hack and bad guys capture your email, home address, phone number and sell it to local criminals who might knock on your door then best encrypted wallets are useless. Cryptocurrencies are designed for peer to peer usage. If you change it into peer to bank to peer then this adds some risks.
https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
even how hard or strict a exchange is but if there is corruption on going surely cases like this will continues to happen.https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
This is same reason that it is really hard to trust sites that asks KYC because it will always be the target of criminals.
On one hand the government is cracking down really hard on any exchange with relaxed KYC norms. And on the other hand, there is a significant increase in incidents of hacking, and theft of documents that are being used for KYC. For me, this is a big concern. I had signed up for multiple centralized exchanges in the past and on many occasions I had to send the scanned copies of identity documents in order to complete the KYC formalities. If these documents end up with the wrong people, then it may create trouble for me.
Yet another reason why KYC is a bad thing. Damn, I wish I didn’t sign up to so many exchanges in the past. Obviously leaving a significant amount of bitcoin on an exchange is a bad idea but we shouldn’t have to worry about our personal details being stolen.
It's not the fault of KYC, it's the fault of the company that should be the one that's protecting their stuff from this hackers, they do know that they're at fault here but the problem is that they're too stingy to do an action to solve the problem.We have some holes every time which helping hackers for doing their own trick and stole their data and assets with success in few cases employee's from company give sensitive data to peoples for money and this all happen because hacking software are getting sophisticated just because of this exchanges need to upgrade their security level because now adoption is spreading and too many peoples are involved in this all, and they want some better security from exchanges.
Another example why using central exchanges is risky. The hackers knew private data of the users. One corrupt employee or one successful hack and bad guys capture your email, home address, phone number and sell it to local criminals who might knock on your door then best encrypted wallets are useless. Cryptocurrencies are designed for peer to peer usage. If you change it into peer to bank to peer then this adds some risks.
https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
Well to be honest using centralized exchanges and keeping some huge amount of your investment on it is a stupid idea, and any traders should be knowing that high funds are always at risk and his data is exposed if he is using an online, and to honest hacks are bound to happen one way or another and they are always done by some form of human error and there will always be some loophole in the security that somonesomwhere in the world will use it, so it is better to have control over your own funds rather keeping it in the hands of others. https://www.reuters.com/business/finance/coinbase-says-hackers-stole-cryptocurrency-least-6000-customers-2021-10-01/
Quote
The question is.... Why has this been swept under the carpet for months?
It wasn't. They notified folks whose accounts were compromised and dealt with it. The only new thing is that Reuters decided to (again) make it 'news'. Must be a slow week for them?or probably just a futile attempt at FUD?
Hacks could happen whether inside job or totally external attacks because we know that in reality that nothing is unhackable on this world so expect the unexpected.
Thing here is that these platforms/services would able to handle these things up.
Yet another reason why KYC is a bad thing. Damn, I wish I didn’t sign up to so many exchanges in the past. Obviously leaving a significant amount of bitcoin on an exchange is a bad idea but we shouldn’t have to worry about our personal details being stolen.
You hit the nail.
Isn't about how risky or how secure the exchange is, the problem is that people use them as wallets. And that's a really big mistake. People should only depo and withdraw when they want to trade, but never hold the coins in the exchange, because if something goes wrong then they will lose all their cryptos.
Even how many times have we read about this advise and yet, a lot of crypto users are still storing their funds in exchanges. And if in case you will store for a time in exchanges, make sure the exchange some sort of insurance that you can get your money back if anything happens. Just like what binance has, they have safu, which is like an emergency insurance for their users.
Yet another reason why KYC is a bad thing. Damn, I wish I didn’t sign up to so many exchanges in the past. Obviously leaving a significant amount of bitcoin on an exchange is a bad idea but we shouldn’t have to worry about our personal details being stolen.
You hit the nail.
Isn't about how risky or how secure the exchange is, the problem is that people use them as wallets. And that's a really big mistake. People should only depo and withdraw when they want to trade, but never hold the coins in the exchange, because if something goes wrong then they will lose all their cryptos.
Jump to: