Coinbase User’s Funds Stolen

The Coinbase exchange is held in high regard by a lot of Bitcoin and cryptocurrency enthusiasts. Unfortunately, that situation may come to change very soon. The company has built up a bit of a bad reputation when it comes to customer service. To make matters worse, one user documented how he lost $8,000 worth of Bitcoin due to Coinbase and Verizon. There is also a class-action lawsuit against the exchange, which does not bode well.

What Is Going On With Coinbase These Days?

One of the more common issues people have is how Coinbase takes its sweet time to complete orders these days. Customers are complaining about purchases not being completed despite the money being taken from bank accounts and credit cards. The company has had payment processing issues for some time now, and things are not improving. Sadly, that is perhaps the least of Coinbase’s worries right now.

One Coinbase user received a suspicious automated message from Verizon indicating he was on the phone with the company and authentication using an “alternative method.” Messages like these never bode well, and it did not take long until the Coinbase account password was reset. It took a few minutes to empty out all of the user’s balance and send them to unauthorized wallet addresses.

The explanation on Medium paints quite an interesting example of how users need to step up their 2FA game when using ANY online service. However, that should not automatically result in people losing access to their Coinbase account and seeing the associated funds stolen without repercussions. Verizon is at fault here as well, as the assailant could trick the company into believing he is the legitimate person based on billing information. No social security number, birth date, or PIN code was required whatsoever.

It is unclear how this user got targeted, although he has been tweeting about Coinbase about a week ago. Unfortunately, it appears this made the user a target for criminals. It is evident this person is a victim of fraud, yet it remains to be seen how Coinbase will respond to this situation. Their customer support could take “weeks to answer,” which is not comforting whatsoever. The fact users can authenticate with a mobile phone number on Coinbase is convenient, but also a bad security practice.

The way Coinbase could have prevented the issue, is if adding a new device or replacing the 2FA device triggered an automatic hold on the account. During that period, the user wouldn’t be able to withdraw the coins, that period could default to a few hours and the user could even adjust it as he sees fit. The way the attacker stole the coins, is he took over the user’s Verizon account and proceeded to substitute his own burner phone in place of the original. He could then use that phone to pass all the verification to withdraw the coins.

Moreover, there does not appear to be a “fraud hotline” at Coinbase, which can become quite problematic if more of these issues arise. Plus, the company has seen spectacular growth as of late, which is spreading their available resources incredibly thin. Not taking the proper security precautions could haunt the company, to say the least. In fact, there is a class action lawsuit in motion against the exchange as we speak.

A class action lawsuit against Coinbase could be quite problematic for the company. More specifically, this lawsuit was filed by Cryptsy users who lost funds liquidated by the defunct exchange’s owners through Coinbase. This goes to show the company is already in contested waters when it comes to fraud prevention. This new story will only make things a lot worse for Coinbase, unless they take the appropriate course of action and refund the customers affected by this problem. It is doubtful they will do so, though.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

  • J. Pereira

    In my opinion this article is clickbait. It projects the impression of Coinbase being hacked, complete with an appropriate illustration. That is in fact not the case, and much of the blame projected upon Coinbase should land on Verizon. There are many banks where you could very well pull off a similar heist, the problem is much bigger than Coinbase.

    It’s disappointing for an author with such quality articles as JP Buntix to take such an easy route, when there’s actually a larger story to be written about the state of 2FA and online security.

    • Lemuel Uhuru

      The Merkle specializes in Clickbait. It really is a hit or miss with them.

  • Lemuel Uhuru

    Coinbase nor any other company for that matter should be blamed for the ignorance of their users. You can provide all of the security in the world to protect users but nothing will protect against an idiot giving away his password, private keys, or access rights. This is 2017 and people are still sending millions to Nigeria and India.

    • Andrew E

      They’ll be the ones laughing when the Nigerian prince gives them their share of the pot. Nigerians use dogecoin tho

  • issue solving 101

    Yes I agree this article is shit. A hit piece. Users can secure their accounts properly, Ive never had an issue with coins being delivered in the time frame they stated. Sad article just to get a click.

  • envious fred

    If you can’t be a$$ed to use 2FA, you could end up with sweet F.A.

  • Brillo

    Actually, when I lost my phone and needed to reset my 2fa, Coinbase waited seven days before getting back to me. I do not think this was bad customer service (and theirs is terrible),
    rather the time delay stopped anyone from taking over my phone. No one goes a week without their phone, unless they just happen to be backpacking.

  • Steven Hager

    The part I don’t like is when he says it takes forever to buy on Coinbase. In fact I get instant sales there and not at Gemini. So the author starts out with a big fallacy.

  • Jamie Buffum

    What strange timing. I just had my account closed by Coinbase with no explanation why. I sent them an email inquiring why and this is what they said… “we believe your account has engaged in prohibited use in violation of our Terms of Service”.

    I followed up and asked what I did that was against there terms of service and this was there response…”we cannot provide you with any additional, specific information regarding your account closure.we cannot provide you with any additional, specific information regarding your account closure.

    So basically I am SOL because I made an account to buy and sell bitcoin. Such crap!

  • Coinbase Mafia

    Look at all the gullible coinbase sheep. They have many pending lawsuits. Doesn’t that flick on a lighbulb!?