Author

Topic: PSA Coinbase wallets ARE GETTING HACKED even with 2FA!!! 2 victims and counting, (Read 1611 times)

legendary
Activity: 1176
Merit: 1010
Borsche
Also, as a rule of thumb: do not, I repeat, do not keep anything over 1btc on your mobile phone app. Just don't. If you need to spend thousands on the go, be good to your moneys, get an 11inch MBA dedicated to that purpose, and use phone for 2FA.
sr. member
Activity: 378
Merit: 255
And if Authy is telling you that somebody changed your Coinbase password and you didn't do it, you should be on the phone to Coinbase immediately (and online changing your password if you still can).  You don't ignore stuff like that.
sr. member
Activity: 266
Merit: 250
http://nourishingliberty.com/disaster-triumph-stolen-bitcoins/[1]
Quote
In my case, I was watching it happen in real time and unable to do anything. I had 2 factor authentication enabled for my wallet. I got an email from the authy app stating that my account had been reset and to click the link to verify it and that if I had not done that to ignore the email. I had not done anything so I ignored the email.
And get away from Coinbase. Their response to this situation has been horrible. Through lack of availability when the incident started to the flaws in their system that allows what I am finding to be prevalent hacking, their response is awful. Coinbase is worse than useless. As I speak to others about my experience, I realize that this is a common perception within the community.
...

this is the second case of hacking that i am aware of.
http://www.reddit.com/r/Bitcoin/comments/27suip/coinbase_compromised/[2]
why hasn't coinbase support addressed this breach of security?

edit just found this : https://hackerone.com/reports/5786[3]

how unprofessional is coinbase to not address any of these issues publicly?


i personally have not been hacked but am doing a PSA to avoid any possibility of another neobee or goxxing.

[1] Her email was hacked not coinbase.
[2] "The weakest link in any chain is the user and we have no way of verifying that you don't have a keylogger on your computer or connected your iPhone to an insecure or compromised wifi network.
Sorry, but there are too many holes to determine if this was a legitimate hack with the fault on Coinbase." - occams razor
[3] Coinbase response to the concerns bryan raised seemed adequate.

You too can find out information like this, and more through the power of reading!

I don't even use coinbase. I'm just a guy that writes software that hates users that blame software when they are the ones at fault.

This.

For a sensible person it's actually HARD to get hacked. I only ever log into Coinbase from one computer, and my username and password there are different from any other site where I have an account.

If I were hacked it would have to be my dog who did it.
full member
Activity: 195
Merit: 100
Coinbase just announced a new "Vault" feature today. So there.  Cheesy
newbie
Activity: 27
Merit: 0
I'm just a guy that writes software that hates users that blame software when they are the ones at fault.
Amen to that brother!
Posted from Bitcointa.lk - #cwbs5DrJTrdk4AXw
legendary
Activity: 2576
Merit: 1087
http://nourishingliberty.com/disaster-triumph-stolen-bitcoins/[1]
Quote
In my case, I was watching it happen in real time and unable to do anything. I had 2 factor authentication enabled for my wallet. I got an email from the authy app stating that my account had been reset and to click the link to verify it and that if I had not done that to ignore the email. I had not done anything so I ignored the email.
And get away from Coinbase. Their response to this situation has been horrible. Through lack of availability when the incident started to the flaws in their system that allows what I am finding to be prevalent hacking, their response is awful. Coinbase is worse than useless. As I speak to others about my experience, I realize that this is a common perception within the community.
...

this is the second case of hacking that i am aware of.
http://www.reddit.com/r/Bitcoin/comments/27suip/coinbase_compromised/[2]
why hasn't coinbase support addressed this breach of security?

edit just found this : https://hackerone.com/reports/5786[3]

how unprofessional is coinbase to not address any of these issues publicly?


i personally have not been hacked but am doing a PSA to avoid any possibility of another neobee or goxxing.

[1] Her email was hacked not coinbase.
[2] "The weakest link in any chain is the user and we have no way of verifying that you don't have a keylogger on your computer or connected your iPhone to an insecure or compromised wifi network.
Sorry, but there are too many holes to determine if this was a legitimate hack with the fault on Coinbase." - occams razor
[3] Coinbase response to the concerns bryan raised seemed adequate.

You too can find out information like this, and more through the power of reading!

I don't even use coinbase. I'm just a guy that writes software that hates users that blame software when they are the ones at fault.
legendary
Activity: 2268
Merit: 1278
What kind of 2FA do they use?
full member
Activity: 238
Merit: 100
I am so sorry this happened to you. I am wondering, however, if it really went past 2FA or if you had not specified that you wanted 2FA for all transactions. Under the advanced tab the default is not to have 2FA for transactions under $100 per day. However, you can request it for each day. That may be one way. Otherwise, I'd imagine it was a phising attack of some sort.
full member
Activity: 157
Merit: 100
http://nourishingliberty.com/disaster-triumph-stolen-bitcoins/[1]
Quote
In my case, I was watching it happen in real time and unable to do anything. I had 2 factor authentication enabled for my wallet. I got an email from the authy app stating that my account had been reset and to click the link to verify it and that if I had not done that to ignore the email. I had not done anything so I ignored the email.
And get away from Coinbase. Their response to this situation has been horrible. Through lack of availability when the incident started to the flaws in their system that allows what I am finding to be prevalent hacking, their response is awful. Coinbase is worse than useless. As I speak to others about my experience, I realize that this is a common perception within the community.
...

this is the second case of hacking that i am aware of.
http://www.reddit.com/r/Bitcoin/comments/27suip/coinbase_compromised/[2]
why hasn't coinbase support addressed this breach of security?

edit just found this : https://hackerone.com/reports/5786[3]

how unprofessional is coinbase to not address any of these issues publicly?


i personally have not been hacked but am doing a PSA to avoid any possibility of another neobee or goxxing.
Jump to: