Coinbase says hackers bribed staff to steal customer data, demanding $20M ransom

(www.cnbc.com)

410 points gpi | 1 comments | 15 May 25 15:52 UTC | HN request time: 0.219s | source

Show context

thepasswordis ◴[15 May 25 16:40 UTC] No.43996769[source]▶

The problem is that it seems like the data that leaked is also the data that would be used to do account recovery.

And what that means is that

1) If you lose access to your account (through either your own fault, or coinbases fault) that the process of recovering it may not be so straightforward anymore.

2) Hackers can try to “recover” accounts now using this leaked info.

This is a huge problem. What coinbase needs are IRL offices where you can go and do things like account recovery, and where people trying to steal money can be caught and prosecuted (and makes a huge barrier for the overseas thieves who are usually doing this)

The only solution here is: hardware 2 factor like yubikeys.

replies(9): >>43996798 #>>43998374 #>>43998426 #>>43999299 #>>43999324 #>>43999430 #>>43999499 #>>43999782 #>>44001348 #

SimianSci ◴[15 May 25 19:21 UTC] No.43998374[source]▶

>>43996769 #

The Crypto industry continues their speedrun of rediscovering all of the reasons for why the global financial system exists.

What you've described is the same thing that many Crypto enthusiasts call a "Bank"

replies(3): >>43998471 #>>43999321 #>>43999346 #

1. lxgr ◴[15 May 25 21:07 UTC] No.43999346[source]▶

>>43998374 #

Many banks don't have physical branches.

One that I'm using does, but I find it extremely annoying when they have me go to a branch to unblock my account that they locked due to a poorly calibrated risk system (that they need due to not supporting actually secure 2FA methods).

↑