Of course
I am very concerned about that and here's the advice of investors and experts, edited for clarity and style:
Jonathan Levin, co-founder of Chainalysis1. Before you open up an account on Coinbase [or other exchanges], set up an unique email that you are going to use for that account.
2. Make sure to set a really hard and long password, and you are the only one to access it from a piece of paper that you control.
Dan Romero, VP of operation at Coinbase
1. On Coinbase, turn off SMS-based two-factor authentication and account recovery for your email account. If you move to Google Authenticator but don't turn off SMS account recovery, a phone port attack can still lead to an email compromise.
2. On Coinbase, setup the Coinbase Vault and two-factor authentication for any sends off-site.
Sean Everett, VP of product management, Coinbase account was hacked by phone porting attack1. Don't talk about cryptocurrency publicly, especially on social media.
2. Call your cellphone provider, put every level of security you possibly can, and add a passcode to it. The next level protection is to add a "do not port" SIM card to your account. That can last for a year.
3. Even though Coinbase says it takes security seriously and has system designs to protect customers, it's not a bank. Don't trust it as such.