Coinbase says hackers bribed staff to steal customer data, demanding $20M ransom

(www.cnbc.com)

410 points gpi | 1 comments | 15 May 25 15:52 UTC | HN request time: 0s | source

Show context

thepasswordis ◴[15 May 25 16:40 UTC] No.43996769[source]▶

The problem is that it seems like the data that leaked is also the data that would be used to do account recovery.

And what that means is that

1) If you lose access to your account (through either your own fault, or coinbases fault) that the process of recovering it may not be so straightforward anymore.

2) Hackers can try to “recover” accounts now using this leaked info.

This is a huge problem. What coinbase needs are IRL offices where you can go and do things like account recovery, and where people trying to steal money can be caught and prosecuted (and makes a huge barrier for the overseas thieves who are usually doing this)

The only solution here is: hardware 2 factor like yubikeys.

replies(9): >>43996798 #>>43998374 #>>43998426 #>>43999299 #>>43999324 #>>43999430 #>>43999499 #>>43999782 #>>44001348 #

piva00 ◴[15 May 25 16:43 UTC] No.43996798[source]▶

>>43996769 #

> What coinbase needs are IRL offices where you can go and do things like account recovery, and where people trying to steal money can be caught and prosecuted (and makes a huge barrier for the overseas thieves who are usually doing this)

That's just a bank.

replies(3): >>43996827 #>>43997006 #>>43997941 #

dowager_dan99 ◴[15 May 25 17:02 UTC] No.43997006[source]▶

>>43996798 #

Beyond the regulatory-dodge and crypto marketing explain to me how Coinbase is NOT a bank

replies(4): >>43997960 #>>43998213 #>>43999446 #>>44005712 #

1. chaosbolt ◴[15 May 25 19:03 UTC] No.43998213[source]▶

>>43997006 #

lol they even do fractional reserve things like banks, except they're more shady and don't acknowledge it, now I'm either connecting dots that shouldn't be connected or some withdrawal locks that happened through some big arbitrage opportunities were very suspicious.

↑