Topic: Coinbase Accounts Hacked Threads on Reddit? (Read 92 times)

Any popular custodial wallets are prone on hack and that isn't new to me when someone got hacked due to their carelessness.  It's our responsibility to protect our account if we used this custodial wallet, it must double or triple the security level of your account from utilizing strong 2FA and must have a secure email and of course creating a strong password.

However, you can monitor the activity of your Coinbase account, (https://www.coinbase.com/settings/account_activity) if there is any suspicious login or any device that linked or associated with your account, that's the time that you immediately change your email or password.  This is the first preventive step of protecting your account against hackers and does take your account security to the next level.

I think you already answered your question and in the first place, how can a hacker surpass your 2FA security level and get the code or email access.
But if that's will happen that someone can withdraw your fund from the vault, you can simply cancel the withdrawal once you notified of the activity.  And here is what you need to read Coinbase Help regarding that matter.

Custodial wallets such as Coinbase are always targeted by hackers and most of their method are done through phishing emails and websites and that is why there are several cases of hacks happening to its users.


Any kind of hack that has a contribution to the user's carelessness or error will make Coinbase not liable to anything so its safe to say that they can get away with it. AFAIK their insurance is just for your cash balance in your account as they are covered by the FDIC as most of the cash balance from Coinbase are stored in banks which is covered by it and that is only for US customers only. I don't know how their insurance works though if it covers hacks or not.



Assuming that you have full control of your account and the hacker hasn't change your password or anything then you can cancel it as the cancellation of your withdrawal from Coinbase Vault has actions required from your account, tbh I don't know how this will prevent things if the hacker already knows your passwords from your account and email as he can definitely change them revoking your control from your account.

Yes, if Coinbase is hacked directly your USD balance is covered by FDIC insurance for up to $250K. If your account gets hacekd and you are the one to blame not a bug or an exploit in Coinase's system you are not covered for even a cent.


Coinbase has only come with numbers about their insurance for the hot wallets although they've always claimed they have some kind of insurance for their vault at "industry standards" they've never published as far as I know any number n the sum they are insured for. With them holding around $50b in BTC alone I doubt they are insured to cover an all-out breach of their security.


It's 48 hours after you have confirmed the withdraw on both your account and security email address but that is for the normal vault, not the pro version.I don't know what level of security they have on the more advanced custody program. Besides Coinbase has always had 2FA and you won't be able to change withdraw from the vault without that The only way you could get "hacked" so bad that you lose access to your phone via a sim swap and if you see your phone is no longer working, you can't access your emails and for 48 hours you don't contact coinbase to block your account it's your fault also. Also, Coinbase has a hotline for this kind of problems, you can call them not waiting for an email.

Coinbase has listed its shares on the stock exchange so it will strictly protect its users and may spend more money in improving the speed of the support team's response to that. If there is a big problem and many people report it, I expect it to be resolved quickly.
Unfortunately, many people deal with the Internet not seriously and carefully. They may give their personal data to a site that tells them that they have earned free money.

Coinbase has 56 million[1] users. And knowing how careless people are concerning security, don't be surprised that people get hacked all the time.

Pretty much.

Through Coinbase vault, hacks will definitely be a lot more infrequent simply due to the extra difficulty with withdrawals. But that is, if the user manages to immediately know what's going on.

I'm not sure(because I don't use Coinbase Vault or even Coinbase itself), but I'd assume support for such issues would be responded by them a lot faster. And since such risks exist, there's a reason why self custody through hardware wallets has always been a heavy recommendation to the masses.

---

[1] https://s27.q4cdn.com/397450999/files/doc_downloads/Copy-of-Q1'21-Guidance-Call-Release.pdf

So I been checking reddit lately and coinbase and everyday, there is literally multiple threads about people getting hacked.  I did read lot of these threads and most of these issues seem to be on the user's side where they make mistakes with their security.  But how often is anything on coinbase's end?  I mean everyday you see multiple threads of people saying their got their coins hacked.



In cases like these, I assume coinbase is never responsible right?  I mean let say someone had no coins in coinbase but only usd funds.  Let say they had 5 digits worth of usd.  If a hacker bought coins and then sent it to their own wallet, that means the user of the account is screwed right?  But i heard something like usd is insured by coinbase... but this is not what they mean right?  I assume that insurance is only if coinbase itself got hacked or they go down etc?



Now what about people who send their coins to coinbase vault for storage?  If that happens, do accounts still get hacked?  I heard if you keep coins there, you cant withdraw for two whole days... so wouldnt that mean if a customer got hacked, they could then contact coinbase within that time period so hacker can't withdraw during that time frame?  But the other issue is doesnt coinbase take a while to reply back to emails and thus by that, the hacker could have got into the account?