Coinbase User’s Funds Stolen

The Coinbase exchange is held in high regard by a lot of Bitcoin and cryptocurrency enthusiasts. Unfortunately, that situation may come to change very soon. The company has built up a bit of a bad reputation when it comes to customer service. To make matters worse, one user documented how he lost $8,000 worth of Bitcoin due to Coinbase and Verizon. There is also a class-action lawsuit against the exchange, which does not bode well.

What Is Going On With Coinbase These Days?

One of the more common issues people have is how Coinbase takes its sweet time to complete orders these days. Customers are complaining about purchases not being completed despite the money being taken from bank accounts and credit cards. The company has had payment processing issues for some time now, and things are not improving. Sadly, that is perhaps the least of Coinbase’s worries right now.

One Coinbase user received a suspicious automated message from Verizon indicating he was on the phone with the company and authentication using an “alternative method.” Messages like these never bode well, and it did not take long until the Coinbase account password was reset. It took a few minutes to empty out all of the user’s balance and send them to unauthorized wallet addresses.

The explanation on Medium paints quite an interesting example of how users need to step up their 2FA game when using ANY online service. However, that should not automatically result in people losing access to their Coinbase account and seeing the associated funds stolen without repercussions. Verizon is at fault here as well, as the assailant could trick the company into believing he is the legitimate person based on billing information. No social security number, birth date, or PIN code was required whatsoever.

It is unclear how this user got targeted, although he has been tweeting about Coinbase about a week ago. Unfortunately, it appears this made the user a target for criminals. It is evident this person is a victim of fraud, yet it remains to be seen how Coinbase will respond to this situation. Their customer support could take “weeks to answer,” which is not comforting whatsoever. The fact users can authenticate with a mobile phone number on Coinbase is convenient, but also a bad security practice.

The way Coinbase could have prevented the issue, is if adding a new device or replacing the 2FA device triggered an automatic hold on the account. During that period, the user wouldn’t be able to withdraw the coins, that period could default to a few hours and the user could even adjust it as he sees fit. The way the attacker stole the coins, is he took over the user’s Verizon account and proceeded to substitute his own burner phone in place of the original. He could then use that phone to pass all the verification to withdraw the coins.

Moreover, there does not appear to be a “fraud hotline” at Coinbase, which can become quite problematic if more of these issues arise. Plus, the company has seen spectacular growth as of late, which is spreading their available resources incredibly thin. Not taking the proper security precautions could haunt the company, to say the least. In fact, there is a class action lawsuit in motion against the exchange as we speak.

A class action lawsuit against Coinbase could be quite problematic for the company. More specifically, this lawsuit was filed by Cryptsy users who lost funds liquidated by the defunct exchange’s owners through Coinbase. This goes to show the company is already in contested waters when it comes to fraud prevention. This new story will only make things a lot worse for Coinbase, unless they take the appropriate course of action and refund the customers affected by this problem. It is doubtful they will do so, though.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.