Most active commenters
  • conductr(8)
  • modeless(5)
  • (5)
  • VectorLock(4)
  • suzzer99(4)
  • cyanydeez(4)
  • rsynnott(4)
  • dx4100(3)
  • panarky(3)
  • zamadatix(3)

←back to thread

Coinbase says hackers bribed staff to steal customer data, demanding $20M ransom

(www.cnbc.com)
410 points gpi | 138 comments | 15 May 25 15:52 UTC | HN request time: 1.792s | source | bottom
1. modeless ◴[15 May 25 19:12 UTC] No.43998293[source]
I have been receiving regular spear phishing calls from these guys, or someone who bought the leaked data, with classic tactics like claiming that I need to confirm a potentially fraudulent transaction. They speak perfect English with an American accent, sound very friendly, and have knowledge of your account balance. Thankfully on the first call I realized it was a scam right away, and Google's call screening feature takes good care of the rest. Wish I could forward them to Kitboga[1].

I guess they didn't have as much luck as they wanted scamming Coinbase's customers, and once they had their fun they decided to try extorting Coinbase themselves.

[1] https://www.youtube.com/watch?v=HNziOoXDBeg

replies(10): >>43998497 #>>43998546 #>>43998550 #>>43998551 #>>43998639 #>>43999013 #>>43999303 #>>43999425 #>>43999455 #>>44000073 #
2. VectorLock ◴[15 May 25 19:37 UTC] No.43998497[source]
I just switched to iPhone from a pixel device and I’m shook by all the spam calls. How do iPhone users deal with this?
replies(15): >>43998554 #>>43998557 #>>43998574 #>>43998620 #>>43998651 #>>43998695 #>>43998976 #>>43999168 #>>43999284 #>>43999291 #>>43999322 #>>44000372 #>>44000409 #>>44001626 #>>44005180 #
3. dx4100 ◴[15 May 25 19:42 UTC] No.43998546[source]
Scams have gotten better since AI. Most of the common spelling mistakes are gone.

I was looking through some phishing e-mails the other day out of curiosity and found a weird unicode character mistranslated. Immediately knew it was an artifact of bad translation. So they're not perfect, but they're damn good.

replies(1): >>43998714 #
4. conductr ◴[15 May 25 19:42 UTC] No.43998550[source]
I started getting regular Coinbase login confirmation codes text messages with no attempts on my end

Same with my Microsoft account actually

I usually just ignore it but I assume someone is testing if my email can be used to login.

replies(1): >>43999207 #
5. panarky ◴[15 May 25 19:42 UTC] No.43998551[source]
If you had any significant assets on Coinbase at any time prior to this breach, spear phishing is the least of your worries.

Coinbase not only leaked your full name and address, they also gave up your balances, your transaction history, and images of your government identification.

People with "significant" crypto balances are being assaulted on the street and in their own homes, and family members are being kidnapped for ransom.

"Significant" in this case can be $10k or less.

Until now, your best defense secrecy. Never talk about crypto in public in any way that could be traced to your real-world identity.

Thanks to Coinbase that defense is now gone.

The bad guys can see who has ever had a significant balance on Coinbase (even if they don't right now), whether that balance was sold for cash and how much, or if you've ever transferred tokens off the exchange to a self-custody wallet.

Now the bad guys know who's worth kidnapping for ransom and where you live. For most people, a Google search of your name and home address turns up the names of family members who would would also be lucrative targets for kidnapping and threats of violence.

Coinbase will never be forced to reimburse all the damage they've done because the true cost would bankrupt the company.

replies(12): >>43998696 #>>43998820 #>>43999011 #>>43999267 #>>43999315 #>>43999840 #>>44000135 #>>44000613 #>>44001088 #>>44001777 #>>44002734 #>>44004453 #
6. dx4100 ◴[15 May 25 19:42 UTC] No.43998554[source]
I have my phone set to silence Unknown callers. What did you have setup on the Pixel before to block them?
replies(2): >>43998638 #>>44000743 #
7. acheong08 ◴[15 May 25 19:42 UTC] No.43998557[source]
iPhone user here. I put on airplane mode unless I'm making or expecting a call. Otherwise, I make it clear that email is my primary form of communication.
8. dx4100 ◴[15 May 25 19:44 UTC] No.43998574[source]
Also, on TMobile if you dial #662#, it'll block the Scam Likely calls at the carrier.
replies(2): >>43998988 #>>44001882 #
9. conductr ◴[15 May 25 19:48 UTC] No.43998620[source]
It’s my biggest gripe. They can pretty accurately flag a number as Spam or Telemarketing but in the “Silence Unknown Callers” setting I can only silence every single unknown caller. I can’t silence every single number that’s not in my contacts. When the plumber calls to confirm he’s in route, my phone needs to ring. Stuff like that.
replies(5): >>43999050 #>>44000166 #>>44001193 #>>44001196 #>>44001254 #
10. conductr ◴[15 May 25 19:50 UTC] No.43998638{3}[source]
That’s too heavy handed for me. I get valid calls that I need to answer that aren’t in my contacts.

The calls they flag as potential spam and telemarketers has been 100% accurate in my experience so i wish I could just silence those

replies(2): >>44000049 #>>44000316 #
11. taude ◴[15 May 25 19:50 UTC] No.43998639[source]
I got probably three or four in the past week.
12. taude ◴[15 May 25 19:52 UTC] No.43998651[source]
Yeup, I finally broke down went from Android -> IPhone 16 Pro. I like a lot about Apple's personal security policies for their consumers vs Google, but damn, I miss google's automatic call spam detection and management. All day long my Apple phone rings, and I just have to ignore the calls.
13. koakuma-chan ◴[15 May 25 19:56 UTC] No.43998695[source]
If it’s says Rogers you know it’s a scam
14. krunck ◴[15 May 25 19:56 UTC] No.43998696[source]
But hey, at least by being forced to give crypto exchanges all our personal details we're all super protected from the four horsemen: money laundering, drugs, terrorism and pornography.
replies(3): >>43998827 #>>43999664 #>>44001205 #
15. genghisjahn ◴[15 May 25 19:58 UTC] No.43998714[source]
The common spelling mistakes are there for a reason most of the time.
replies(1): >>43999447 #
16. zamadatix ◴[15 May 25 20:09 UTC] No.43998820[source]
> People with "significant" crypto balances are being assaulted on the street and in their own homes, and family members are being kidnapped for ransom. "Significant" in this case can be $10k or less.

I wonder why, select a person completely at random and by median you'll get just as much from what they have sitting in their checking account. Select a nicer area for an order of magnitude more. That's not encouragement to go assault people in their homes or kidnap families... just confusion.

replies(4): >>43998860 #>>43998883 #>>44000012 #>>44000093 #
17. ◴[15 May 25 20:10 UTC] No.43998827{3}[source]
18. Balgair ◴[15 May 25 20:14 UTC] No.43998860{3}[source]
Yeah, but banks and the normie monetary system has a lot more safeguards in it when it comes to account transfers. Or at least, they appear to have them.

Crypto? It's wild, and people think it's wild.

replies(2): >>43999682 #>>44000071 #
19. suzzer99 ◴[15 May 25 20:17 UTC] No.43998883{3}[source]
The median person does not have $10k sitting in a checking account that they can easily withdraw. My gut feeling is that the threat of kidnapping is a lot more serious in some countries. The US maybe not so much.
replies(3): >>43998971 #>>43998977 #>>43999705 #
20. ◴[15 May 25 20:26 UTC] No.43998971{4}[source]
21. patatino ◴[15 May 25 20:27 UTC] No.43998976[source]
I don’t get any calls, seems to be an US problem?
replies(3): >>43999191 #>>44000939 #>>44019478 #
22. zamadatix ◴[15 May 25 20:27 UTC] No.43998977{4}[source]
Good point, perhaps the lower $ examples are about other countries where that may be a lot more than median transactional account holdings and maybe that concern is part of why folks were using crypto holdings.
23. deepfriedbits ◴[15 May 25 20:28 UTC] No.43998988{3}[source]
I had no idea. Thank you!
24. suzzer99 ◴[15 May 25 20:31 UTC] No.43999011[source]
Florida teens kidnap Las Vegas man, drive him to Arizona desert, steal $4M in cryptocurrency

https://www.yahoo.com/news/florida-teens-kidnap-las-vegas-20...

replies(3): >>43999338 #>>44000987 #>>44001296 #
25. mistrial9 ◴[15 May 25 20:31 UTC] No.43999013[source]
> They speak perfect English, sound very friendly, and have knowledge of your account balance.

.. and are former employees of Coinbase .. oh! just imagining!!

26. bflesch ◴[15 May 25 20:34 UTC] No.43999050{3}[source]
iphone has been enshittified for several years now, it seems apple engineers are not using their own phones any more. I can understand it - when you're a millionaire just from your corporate job you won't be a stressed power user of your own iphones.
replies(2): >>43999536 #>>43999857 #
27. ge96 ◴[15 May 25 20:44 UTC] No.43999168[source]
I never answer my phone, also turned off sound except alarms a couple years ago
replies(1): >>44001554 #
28. lxgr ◴[15 May 25 20:47 UTC] No.43999191{3}[source]
Unfortunately, the US phone network is indeed completely unusable without a good spam call filter.
29. modeless ◴[15 May 25 20:49 UTC] No.43999207[source]
Oh yeah I get the Microsoft account emails, and Instagram ones, randomly (I have an account but never use it). I'm pretty sure SMS 2FA is turned off on my Coinbase account, which is highly recommended.
30. ClumsyPilot ◴[15 May 25 20:57 UTC] No.43999267[source]
> will never be forced to reimburse all the damage they've done because the true cost would bankrupt the company

This story keeps repeating. Maybe we should try it and see if it works as a deterrent.

replies(2): >>44000119 #>>44000417 #
31. coolcase ◴[15 May 25 20:59 UTC] No.43999284[source]
"Yeah yeah... installing your app now... oh there is an error... will try again..."
32. HWR_14 ◴[15 May 25 21:01 UTC] No.43999291[source]
You turn off the notifications from unknown callers? How does Android handle it?
replies(1): >>43999383 #
33. cyanydeez ◴[15 May 25 21:03 UTC] No.43999303[source]
its a shame it'll never stop, and the criminal element is now a legal capitalism
34. cyanydeez ◴[15 May 25 21:04 UTC] No.43999315[source]
"decentralized currency"
replies(1): >>43999348 #
35. scarface_74 ◴[15 May 25 21:05 UTC] No.43999322[source]
Settings -> Phone -> Silence Unknown callers
36. kmfrk ◴[15 May 25 21:06 UTC] No.43999338{3}[source]
Seems to be a whole thing in France too: https://www.theguardian.com/world/2025/may/04/french-police-....
replies(1): >>43999636 #
37. modeless ◴[15 May 25 21:07 UTC] No.43999348{3}[source]
Bitcoin is plenty decentralized. Coinbase deals with dollars, that's the non-decentralized part.
replies(1): >>43999706 #
38. modeless ◴[15 May 25 21:10 UTC] No.43999383{3}[source]
Sometimes you need to answer calls from unknown numbers.

Google's call screening feature picks up the phone before it rings and asks the caller why they're calling. If they actually give a good reason, then it shows you the reason as text and you can decide whether to hang up on them or answer. https://support.google.com/phoneapp/answer/9118387

39. hooverd ◴[15 May 25 21:17 UTC] No.43999425[source]
I wonder if some of that perfect accent might be ML.
40. lcnPylGDnU4H9OF ◴[15 May 25 21:20 UTC] No.43999447{3}[source]
> a reason

Because people who read the message and think it's professionally written despite the spelling errors have a large overlap with people who will fall for the scam, at least far enough that money is transferred.

41. the_clarence ◴[15 May 25 21:21 UTC] No.43999455[source]
Where was the number from? I received an impressive number of phonecalls attempt but thankfully I never answer to unknown numbers. With google call screen they hung up everytime so I assume its a scam.
42. conductr ◴[15 May 25 21:33 UTC] No.43999536{4}[source]
It’s not that it got worse, this feature has just never been great. It just feels half baked , which I agree a lot of Apple software has been trending towards. That said, what has increased is the volume of spam calls. So the importance of this feature has also increased.

It’s sad because this seems like such a low hanging fruit for a big improvement. At some point in the relatively recent past, they added the indicator of the caller being a spammer or telemarketer. Seems like that would have been a good time to also enhance this filter but it seems nobody ever connected the dots on that one. Or if I’m being even more cynical, some engineer actually decided he’d rather everyone see his work on every incoming spam call instead of his work quietly improving everyone’s experience

replies(1): >>44006852 #
43. tsimionescu ◴[15 May 25 21:48 UTC] No.43999664{3}[source]
I think that the right lesson to learn here is not "I should store my money with a company I can't trust not to advertise where I live, but without telling them where I live ".
44. cyanydeez ◴[15 May 25 21:50 UTC] No.43999682{4}[source]
of course, you need to point out that Crypto has ended up being indistinguishable from the banking system in all the important parts.

The distinguishing parts are things you don't want: easily corrupted, grifted, cheated and otherwise duped.

45. zardo ◴[15 May 25 21:52 UTC] No.43999705{4}[source]
> The median person does not have $10k sitting in a checking account that they can easily withdraw.

That's true, finding someone with 10k is not as easy as picking a person at random, but it is as easy as driving to the right parking lot and picking a person at random.

replies(1): >>44001383 #
46. cyanydeez ◴[15 May 25 21:52 UTC] No.43999706{4}[source]
so, the part that makes bitcoin useful to 99% of the people is the non-decentralized part.

Sounds like an appendix.

replies(1): >>44000178 #
47. aeternum ◴[15 May 25 22:08 UTC] No.43999840[source]
Why do you see this as the fault of Coinbase? Do other companies somehow have employees that are immune to bribes and blackmail?

This is due to US Government KYC laws that forced Coinbase to associate government identification with all accounts. No crypto company required ID until they were forced to.

replies(7): >>43999931 #>>43999986 #>>44000047 #>>44000085 #>>44000175 #>>44001234 #>>44003847 #
48. throwaway314155 ◴[15 May 25 22:10 UTC] No.43999857{4}[source]
That seems...overly dramatic. Further, enshittification as a concept generally refers to VC/growth-hacking style situations.
49. lavezzi ◴[15 May 25 22:19 UTC] No.43999931{3}[source]
You don't think Coinbase is responsible for restricting access to member data for support agents?
50. panarky ◴[15 May 25 22:25 UTC] No.43999986{3}[source]
The US Government didn't provide high-volume, bulk access to this extremely sensitive information to contractors in foreign countries with no controls over their ability to mass-exfiltrate the data.

Coinbase is the entity that set up this dangerous system.

Coinbase did it because it was cheap for them, not because they were being trustworthy custodians of information that put their customers at risk.

Sure, yes, obviously every company's employees and contractors are vulnerable to bribes and blackmail. That's why a trustworthy, competent custodian would establish systems and controls to prevent bribed and blackmailed insiders from mass-exfiltrating information that could get their customers killed.

The fact that other companies manage to be trustworthy, competent custodians while Coinbase doesn't is not the fault of KYC.

replies(1): >>44000426 #
51. outworlder ◴[15 May 25 22:28 UTC] No.44000012{3}[source]
The average American can't deal with a $1000 emergency.
replies(1): >>44011193 #
52. ◴[15 May 25 22:33 UTC] No.44000047{3}[source]
53. vitaflo ◴[15 May 25 22:33 UTC] No.44000049{4}[source]
Usually you are expecting these calls tho so you can turn off that feature when you do. If said person calls often, add them to your contacts.
replies(1): >>44000826 #
54. koakuma-chan ◴[15 May 25 22:37 UTC] No.44000071{4}[source]
I tried to use Coinbase a few months ago to pay for something, and I couldn't even make a transaction because it was deemed suspicious, and my account got locked or something.
replies(1): >>44003853 #
55. lavezzi ◴[15 May 25 22:37 UTC] No.44000073[source]
> I have been receiving regular spear phishing calls from these guys, or someone who bought the leaked data, with classic tactics like claiming that I need to confirm a potentially fraudulent transaction.

And how long has this been at an increased level? Because i'm not buying the coinbase narrative that they thought this was a systemic issue until they were contacted by the 'cybercriminals'.

replies(1): >>44000971 #
56. ◴[15 May 25 22:40 UTC] No.44000085{3}[source]
57. quickthrowman ◴[15 May 25 22:42 UTC] No.44000093{3}[source]
Bank transactions are reversible, crypto transactions are not.

Also, people do point guns in people’s faces and force them to pay them via Venmo or Cashapp. Google ‘Venmo robbery’ or ‘cashapp robbery’ for plenty of examples. Pointing a gun in someone’s face for $4M in crypto is a lot more lucrative.

58. bobthepanda ◴[15 May 25 22:45 UTC] No.44000119{3}[source]
It's worked before; Arthur Andersen ceased to exist after the Enron accounting scandal.
replies(1): >>44006296 #
59. beaned ◴[15 May 25 22:48 UTC] No.44000135[source]
They said less than 1% of users were affected.
replies(2): >>44000691 #>>44005013 #
60. zbirkenbuel ◴[15 May 25 22:54 UTC] No.44000166{3}[source]
I would have assumed an unknown caller was defined as any number not in your contacts. what is it instead?
replies(1): >>44001276 #
61. ◴[15 May 25 22:55 UTC] No.44000175{3}[source]
62. theossuary ◴[15 May 25 22:55 UTC] No.44000178{5}[source]
Only because of US law. It didn't have to be this way; the US wanted to destroy Bitcoin as a currency because it threatened their surveillance state, and they effectively have.
replies(2): >>44002662 #>>44006483 #
63. mullingitover ◴[15 May 25 23:15 UTC] No.44000316{4}[source]
I just see if they leave a message. If they don’t, they’re sorted. If they do I can always call them back.
64. parliament32 ◴[15 May 25 23:26 UTC] No.44000372[source]
Yeah you went the wrong way there brother.
65. ellisd ◴[15 May 25 23:34 UTC] No.44000409[source]
Unfortunately blocking all unknown calls is the only way to sanity. Otherwise we're talking 6-9 calls coming in ALL DAY, EVERY DAY.

The calls are coming from new numbers, across multiple area codes. A few months ago I would have advised using Begone (https://apps.apple.com/us/app/begone-spam-call-blocker/id159...) to block but that only worked since these calls were isolated to blocks of area codes that were pretty safe to block like 888-XXX-XXXX, but now ZERO of these calls are using a fixed area code that would be relative safe to block.

replies(2): >>44000736 #>>44000935 #
66. iambateman ◴[15 May 25 23:36 UTC] No.44000417{3}[source]
So you’re saying that one year of complementary credit monitoring by Experian isn’t enough??? /s
67. aeternum ◴[15 May 25 23:38 UTC] No.44000426{4}[source]
Fair enough, and it does sound like they had limits given that not all customer data was exfiltrated but those limits were probably far too high at tens of thousands affected.
68. andy_ppp ◴[16 May 25 00:14 UTC] No.44000613[source]
Companies should seriously consider implementing GDPR even in the US, it certainly made taking data dumps of customer data a lot harder and certainly private images like Government IDs were encrypted on disk. I’m surprised at the lack of security if I’m honest, at Yahoo! almost nobody had access to prod user data.

Essentially you cannot trust Coinbase IMO, might move the few hundred dollars of BTC out of there :-)

replies(4): >>44001405 #>>44002445 #>>44004187 #>>44010495 #
69. anon-3988 ◴[16 May 25 00:27 UTC] No.44000691{3}[source]
probably the top 1%.
70. VectorLock ◴[16 May 25 00:35 UTC] No.44000736{3}[source]
I can't block all calls, but the screening feature on my Pixel did an immense job of filtering out the spam.
71. VectorLock ◴[16 May 25 00:37 UTC] No.44000743{3}[source]
I need calls from unknown numbers (doctors, vendors, etc.) Pixel would flag spam calls and not ring, all the unknown-but-valid callers got through without issue.
72. conductr ◴[16 May 25 00:56 UTC] No.44000826{5}[source]
They could also just easily enhance the feature right? It’s an extra if statement in the code. I get enough calls that it’s not practical to constantly edit a setting that’s like this. There’s nothing else in the settings app I change regularly, it’s mostly set and forget.

It’s much better to just silence every spam call manually instead of having to go into voicemail, listen , decide if I need to respond, hope that I’m acting quickly enough that the other person answers when I ring them back, etc. i imagine this works for a lot of people. But if you get enough calls, or get urgent calls for any reason, it’s not ideal.

For those that can’t imagine the use cases. Consider you are primary contact for your elderly parent. If they fall in the middle of the night you might be getting a call from any random number. Do not disturb isn’t an option and sometimes the EMS guys will call you from their personal cell phone. Even some services like home security will call from random numbers. If ask a plumber to come over, some random technician will call from their device to talk. If a potential client gets my number somehow, I’d prefer to answer versus them get my voicemail.

You have to also factor in that a lot of people don’t even like leaving voicemail so they don’t leave one and I’m left guessing if it mattered that

73. mirzuschwer ◴[16 May 25 01:15 UTC] No.44000935{3}[source]
answer the call and immediately put it on mute. they will hang up and stop calling
replies(1): >>44004953 #
74. gukov ◴[16 May 25 01:15 UTC] No.44000939{3}[source]
US and Canada
75. modeless ◴[16 May 25 01:20 UTC] No.44000971[source]
It started around the beginning of April, at the same time as I got an initial email from them about my account information being accessed. Which I'm thinking is probably the same breach as they're talking about here.
76. toomim ◴[16 May 25 01:23 UTC] No.44000987{3}[source]
And this crypto CEO in Toronto was kidnapped for a $1M ransom: https://www.cbc.ca/news/canada/toronto/kidnapping-toronto-bu...
replies(1): >>44001253 #
77. gxs ◴[16 May 25 01:43 UTC] No.44001088[source]
And yet, Coinbase goes Scott free

Someone, someone at that company should be going to prison for negligence

replies(2): >>44002452 #>>44003900 #
78. intrasight ◴[16 May 25 02:00 UTC] No.44001193{3}[source]
I've failed to semantically parse your statements
79. UltraSane ◴[16 May 25 02:01 UTC] No.44001196{3}[source]
Why would a number in your contacts be considered "unknown"
80. nradov ◴[16 May 25 02:03 UTC] No.44001205{3}[source]
No one is forced to use a "crypto exchange" in the first place.
replies(1): >>44001711 #
81. nradov ◴[16 May 25 02:10 UTC] No.44001234{3}[source]
There is no valid reason why Coinbase or any other financial services company should ever be excepted from AML/KYC laws. If anything the laws ought to be even tighter to slow down financial flows to criminals and sanctioned entities.
82. stonogo ◴[16 May 25 02:14 UTC] No.44001253{4}[source]
The parent post was someone literally hosting a crpyto conference, and this one was someone who runs a crypto company. A sibling story describes the father of a 'cryptocurrency influencer.' Is there any evidence of real crime happening which was targeted at Coinbase leak data, or is this just vibes
replies(1): >>44001441 #
83. bdangubic ◴[16 May 25 02:15 UTC] No.44001254{3}[source]
it is super fucking easy. it has been a decade since I answered an unknown number. if plumber calls (and I dont have her/his number stored) it goes to voicemail. I then call known company number. The communication is always one-way, I call you. I never answer. You follow this one very simple rule and you good :)
replies(2): >>44001735 #>>44003288 #
84. AStonesThrow ◴[16 May 25 02:20 UTC] No.44001276{4}[source]
In the realm of Caller ID, a phone number may be "PRIVATE" (or "WITHHELD") or "UNKNOWN". An "UNKNOWN" Caller ID cannot display any name nor any number, because... they are not known to the switch.

Therefore, an unknown number that can be blocked/ignored by your phone or the app is one that doesn't support Caller ID's name or number functions. It doesn't have anything to do with who's in your Contacts app, because of course those consist of known names and known numbers.

replies(1): >>44003275 #
85. MrApathy ◴[16 May 25 02:25 UTC] No.44001296{3}[source]
"They Stole a Quarter-Billion in Crypto and Got Caught Within a Month. How luxury cars, $500,000 bar tabs and a mysterious kidnapping attempt helped investigators unravel the heist of a lifetime." https://www.nytimes.com/2025/04/24/magazine/crybercrime-cryp... (gift article)
86. devman0 ◴[16 May 25 02:44 UTC] No.44001383{5}[source]
Pulling $10k out of the global banking system by physical coercion in a way that isn't reversible and won't get you caught is hard problem, you might as well attempt to rob the bank instead. That's why most of the "successful" criminals in that space use social engineering and scamming where the victim is a unwitting participant rather than kidnapping someone.

With crypto, no bank or other middleman involved, it's like stealing physical cash/gold/diamonds from someone, if you know they have it in their possession, so violence can be a lot more successful at coercing a change of possession.

87. ethbr1 ◴[16 May 25 02:49 UTC] No.44001405{3}[source]
> I'm surprised at the lack of security if I’m honest

This is the crypto industry, who make the discrepancy between Theranos' claims and practice look conservative.

88. suzzer99 ◴[16 May 25 02:57 UTC] No.44001441{5}[source]
Well you start with the low-hanging fruit. Also I imagine these things take a while to plan.
replies(1): >>44004493 #
89. joquarky ◴[16 May 25 03:25 UTC] No.44001554{3}[source]
What about while job hunting?
replies(1): >>44002037 #
90. tziki ◴[16 May 25 03:37 UTC] No.44001626[source]
I have the exact same experience. I felt like I went back to a phone from 2018.
91. throwaway290 ◴[16 May 25 03:57 UTC] No.44001711{4}[source]
or cryptocurrencies
92. VectorLock ◴[16 May 25 04:01 UTC] No.44001735{4}[source]
Theres plenty of situations where this doesn't work. If you're called from a business central line and you don't know their extension you just call back and get the normal call tree which can take you forever to get through. Or if you're on the "cancellation list" for an appointment if they can't get through to you, they don't wait for you to call back, they just go on to the next person to schedule in their open slot.
replies(2): >>44003734 #>>44004003 #
93. dachris ◴[16 May 25 04:12 UTC] No.44001777[source]
Why is this such an issue with crypto?

Wealth status is often very well known for public figures and entrepreneurs. People are driving around in $200k cars.

Is it due to the liquidity of cryptocurrencies that $5 wrench attacks work better?

replies(3): >>44001997 #>>44003825 #>>44012159 #
94. stuckkeys ◴[16 May 25 04:36 UTC] No.44001882{3}[source]
Oh man. They start at 7AM and end around 4-5ish PM. I was hoping the war between Pakistan and India would make these stop. Jk obv. Nobody likes wars. But other than Tmobile are there similar methods for different providers? It can get so annoying. I did restrict calls from known numbers only.
95. sanswork ◴[16 May 25 05:05 UTC] No.44001997{3}[source]
It happens with cash sometimes but people are limited to the amount they can get out of an ATM where with crypto you can force someone to hand over all their wealth with a few keystrokes.
96. ge96 ◴[16 May 25 05:15 UTC] No.44002037{4}[source]
Email or voice mail
97. hulitu ◴[16 May 25 06:46 UTC] No.44002445{3}[source]
> Companies should seriously consider implementing GDPR even in the US

... and save the data in US cloud where everybody can access it.

It is really funny how FAANG can get away with data colkection in spite of GDPR.

replies(1): >>44003168 #
98. hulitu ◴[16 May 25 06:47 UTC] No.44002452{3}[source]
> Someone, someone at that company should be going to prison for negligence

That's not how capitalism works. /s

99. enaaem ◴[16 May 25 07:27 UTC] No.44002662{6}[source]
No entity is obligated to enforce contracts in BTC. The real reason what makes a currency valuable.
100. disgruntledphd2 ◴[16 May 25 08:52 UTC] No.44003168{4}[source]
Yeah this is really frustrating, especially the way the EU commission keep coming up with workarounds that the court will almost certainly strike down.
101. conductr ◴[16 May 25 09:09 UTC] No.44003275{5}[source]
There is a defined type “Unknown” which I think you’re describing but it’s Not exactly how the iOS feature works. It says let’s through those in your contacts or who you’ve had recent conversations with and Siri suggestions. It’s basically a dumb proxy for letting through people you might actually want to talk with. Except sometimes you don’t know who/where/when those calls are coming from and I haven’t spoken to them before.
102. conductr ◴[16 May 25 09:13 UTC] No.44003288{4}[source]
Glad it works for you, I’m not allergic to the phone like seemingly everyone else so I strive to minimize phone tag BS and would rather answer the calls I get and filter out known spam, it’s not rocket science it’s probably only 2 lines of code in the phone app

If call is spam and ignore spam option enabled, send call to voicemail.

That’s it, a simple line of code. Just make the option selectable and it’s done.

103. bdangubic ◴[16 May 25 10:35 UTC] No.44003734{5}[source]
it always works mate, it always works
104. rsynnott ◴[16 May 25 10:52 UTC] No.44003825{3}[source]
If you're kidnapping a generic very rich person, how are you expecting them to pay the ransom, a big burlap sack of cash? There's a lot that can go wrong there. A bank transfer or other conventional financial instrument? Few criminals would be comfortable with that approach. (John Grisham novels, and 'Archer's beloved bearer bonds, aside, it's virtually impossible to make this untraceable). Magic internet money is presumably far less messy.

Also, a decent proportion of crypto-millionaires came by their riches in... not entirely above-board ways (in particular, securities fraud; all those pump and dump scamcoins are paying off for _someone_), and may be reluctant to involve the authorities. And the crypto industry as a whole is unusually comfortable with extortion; hacked crypto companies paying a kind of bounty to hackers to get the rest of the funds back is a common thing.

replies(1): >>44004173 #
105. rsynnott ◴[16 May 25 10:56 UTC] No.44003847{3}[source]
Generally, staff do not have unfettered access to all customer data in most financial companies.
106. rsynnott ◴[16 May 25 10:57 UTC] No.44003853{5}[source]
Someone with a lot of cryptocurrency in Coinbase is also quite likely (at least relative to the average person) to have lots of on-chain cryptocurrency, too, though.
107. mlrtime ◴[16 May 25 11:06 UTC] No.44003900{3}[source]
Can you point to a specific law that was broken where prosecutors have a chance at jail time, or is this a fantasy of yours?
replies(2): >>44004848 #>>44005354 #
108. AStonesThrow ◴[16 May 25 11:20 UTC] No.44004003{5}[source]
Taxi cab dispatchers will do this for sure. They do callbacks to “confirm” your ride, especially when busy, because if you don’t answer, they simply drop your request on the sticky office floor.
replies(1): >>44005767 #
109. csomar ◴[16 May 25 11:41 UTC] No.44004173{4}[source]
They can use their bank account to buy crypto and then pay the ransom. Kidnapping is a thing in latin america before crypto became cool.
replies(3): >>44004397 #>>44004408 #>>44004494 #
110. csomar ◴[16 May 25 11:43 UTC] No.44004187{3}[source]
How would GDPR help in this case where the employees were bribed?
replies(1): >>44009440 #
111. rsynnott ◴[16 May 25 12:04 UTC] No.44004397{5}[source]
“Hey, cryptocurrency exchange, I, a random rich person, would like to, having never interacted with you before, buy a million dollars of bitcoin and transfer it out. Today, please.”

That is simply not going to happen.

replies(1): >>44006390 #
112. le-mark ◴[16 May 25 12:05 UTC] No.44004408{5}[source]
Companies do exactly this frequently to get their hacked servers and data decrypted.
113. _Algernon_ ◴[16 May 25 12:10 UTC] No.44004453[source]
How can I check if I am affected by this?
replies(1): >>44005064 #
114. normie3000 ◴[16 May 25 12:15 UTC] No.44004493{6}[source]
The point is, it didn't need a coinbase data breach to identify these victims - they're high profile, public users of crypto.
replies(1): >>44007068 #
115. sillystu04 ◴[16 May 25 12:15 UTC] No.44004494{5}[source]
> They can use their bank account to buy crypto and then pay the ransom.

This is actually more difficult than it sounds. Most banks and crypto exchanges won't allow a person to make meaningfully large crypto transactions without some account history.

116. morcus ◴[16 May 25 12:50 UTC] No.44004848{4}[source]
The comment said "should be" which you glibly interpret as "should be going to jail based on the law" but could very easily be "the law should be such that this kind of negligence results in jail time".
117. philipwhiuk ◴[16 May 25 13:00 UTC] No.44004953{4}[source]
Don't you have caller-pays in the US?
118. Peanuts99 ◴[16 May 25 13:05 UTC] No.44005013{3}[source]
I thought this was 1% of user data, which could include names and addresses of all their members.
119. skybrian ◴[16 May 25 13:10 UTC] No.44005064{3}[source]
If you were affected, you should have gotten an email yesterday.
replies(1): >>44005569 #
120. sameline ◴[16 May 25 13:21 UTC] No.44005180[source]
Verizon (and I assume many other US carriers) offer junk call identification which your iPhone can block if you have ”Silence Junk Callers” toggled in Settings > Phone > Call Blocking & Identification.

https://support.apple.com/guide/iphone/block-or-avoid-unwant...

121. nkrisc ◴[16 May 25 13:35 UTC] No.44005354{4}[source]
I assume they mean that someone from the company going to prison for this would be a just outcome, not that a path to such an outcome exists today (it likely does not).
122. ne0flex ◴[16 May 25 13:54 UTC] No.44005569{4}[source]
I checked my email to see if I received anything and, interestingly, I received an email from Coinbase on April 14 that they're updating the User Agreement. The new terms only apply to disputes initiated by me or Coinbase after May 15, 2025. Timing seems suspect.
123. bdangubic ◴[16 May 25 14:12 UTC] No.44005767{6}[source]
this is a loss of business for them, not my problem. it is 2025, if they do not have map where i can track where they are etc.. imma not going to be using that service...
124. toyg ◴[16 May 25 14:58 UTC] No.44006296{4}[source]
They just morphed into Accenture.
replies(1): >>44008954 #
125. reisse ◴[16 May 25 15:06 UTC] No.44006390{6}[source]
Eh, million dollars would not raise a single eyebrow from an exchange side. Your bank, maybe, will have some questions about the transaction, but the things they can do to prevent you spending your money are thankfully fairly limited.
replies(2): >>44007171 #>>44009582 #
126. twosid3dDice ◴[16 May 25 15:15 UTC] No.44006483{6}[source]
Btc whales want to destroy the dollar because it benefits them.

Neither the dollar or crypto are anything but social illusions, neither have an inherent right to exist.

It’s just people manipulating people. Such an intellectually dishonest forum to sit here and discuss meaningless layers of obfuscation.

The most important thing to any individual is enough other humans around their own life isn’t so hard. Specific humans, like those on this forum, are not essential.

You all can bleat on as hard as you want about the existence of crypto but it’s not an evenly distributed belief. And your individual value is non existent to the majority on the planet. No reason to prop up your hallucinations

127. chiggsy ◴[16 May 25 15:47 UTC] No.44006852{5}[source]
>some engineer actually decided

No sane person would flaunt Apple secrecy in such a fashion whilst employed there.

>instead of his work quietly improving everyone’s experiBence

Laughable that you feel that Apple engineers have the capacity for this kind of desire in 2025. If they did, Xcode would be way better to use. They cant even quietly improve their own experience.

replies(1): >>44008956 #
128. suzzer99 ◴[16 May 25 16:05 UTC] No.44007068{7}[source]
Right. But it's an example of what could be coming for coinbase whales.
129. panarky ◴[16 May 25 16:14 UTC] No.44007171{7}[source]
How long do you think it takes to create an account, get your KYC documents verified, get your trading and withdrawal limits raised to a million or more, transfer funds from your brokerage account, buy tokens and then re-verify when you try to transfer the tokens out of the exchange?

You'd be lucky to complete this in less than a week.

replies(1): >>44010880 #
130. bobbruno ◴[16 May 25 19:23 UTC] No.44008954{5}[source]
Actually the split between Arthur Andersen and Andersen Consulting (which later became Accenture) happened years before the Enron thing.
131. conductr ◴[16 May 25 19:23 UTC] No.44008956{6}[source]
Whatever man, I'm not trying to shit on them like you want me to. I think adding this simple feature that is likely little more than a line or two of code is a night an day comparison to overhauling something like Xcode to meet your definition of what "better" means
132. baobun ◴[16 May 25 20:17 UTC] No.44009440{4}[source]
Internal segregation. If inplemented properly perhaps these specic employees wouldnt have access to all that data in the first place.
133. jokethrowaway ◴[16 May 25 20:36 UTC] No.44009582{7}[source]
My experience with banks in UK / EU is that they will bother you for much smaller amounts than 1M. I had banks bother me for 10k transfers and other banks completely ignore me for 100k transfers.
134. Aloisius ◴[16 May 25 22:49 UTC] No.44010495{3}[source]
> How does Coinbase protect data in transit and data at rest?

> Coinbase employs a range of technical and organizational measures to defeat efforts to intercept, surveil, or otherwise access without authorization data in transit. For instance, Coinbase encrypts all confidential data transfers to prevent interception or tampering of that data by unauthorized third parties.

Coinbase does business in the EU and thus, already has to comply with the GDPR. Moreover, the US also requires safeguards for sensitive customer information by financial services companies.

135. toomim ◴[17 May 25 00:01 UTC] No.44010880{8}[source]
It takes about 3 days on kraken. Much less than a week.
136. zamadatix ◴[17 May 25 00:56 UTC] No.44011193{4}[source]
Maybe they wouldn't be able to cover other planned expenses with said loss or something but the median (I intentionally avoid referring to "average" for reasons also mentioned in this article) amount American have access to in their transactional bank accounts is $8,000 according to the Federal Reserve: https://www.fool.com/money/research/average-savings-account-...

Someone else made a great mention though: Coinbase didn't just serve the US. For the vast majority of countries these amounts are more than the yearly disposable income of a typical household. From that angle the numbers in the stories make a bit more sense.

137. cwilkes ◴[17 May 25 05:05 UTC] No.44012159{3}[source]
Scammers attract scammers?
138. huhkerrf ◴[18 May 25 06:45 UTC] No.44019478{3}[source]
I'm in Europe and get at least one a day.