How To Recover a Coinbase Account That Got Hacked
Coinbase is a secure cryptocurrency exchange platform. More than 8.8 million people use the Coinbase app to buy, sell, transfer and store crypto. Although Coinbase is dedicated to protecting its customers by using industry best practices in security, no online platform is hack proof.
Read on to learn what happened when Coinbase got hacked and how to safeguard your account.
Coinbase Got Hacked
Coinbase disclosed that between March and May 20, 2021, hackers were successful in looting cryptocurrency funds from at least 6,000 customers. The attackers likely used a large-scale email phishing campaign to trick customers into handing over the email addresses, passwords, and numbers linked to their accounts. The cybercriminals then broke into accounts by exploiting a flaw in the two-factor SMS authentication system.
How the Accounts Got Hacked
The two-factor authentication grants access to an account when the person signing in has the correct password and one-time passcode generated on their phone. The hackers were able to steal the one-time passcode for users using the SMS-based authentication method.
The hackers had compromised the customers’ inboxes and gained the Coinbase credentials for a small number of cases. They then used the information to impersonate the user and receive the SMS two-factor authentication code to access the account. Impersonation may have occurred through a SIM-swapping attack that tricked the mobile carrier into transferring the victim’s phone number.
Coinbase did ensure that the affected customers were reimbursed for the stolen investments. The security flaw was fixed immediately, and Coinbase worked with the victims to regain control of their accounts.
How to Protect Your Coinbase Account
Coinbase does use extensive security measures. However, the security of your account is a shared responsibility. For peace of mind and to safeguard your account from unauthorized access, consider implementing the following Coinbase tips:
Use a Strong Password
Use a random and long password that’s unique to your account. Don’t use the same password twice across your online accounts. Password manager apps like 1Password or LastPass help generate and securely store unique passwords for your online accounts.
If you prefer not to use a password manager, consider using a passphrase for your account. Avoid using phrases from movies or books, as cybercriminals have access to cutting-edge quote databases.
Use the Strongest Type of 2-Step Authentication
Coinbase recommends you use a security key to protect all your online accounts, not just for Coinbase. Yubico is a popular choice. If you prefer not to use one, the next best type of two-step verification is the “Time-based One Time Password” (TOTP), coupled with a mobile authenticator app like Duo or Google Authenticator.
Using these types of two-step security will drastically reduce the chances of your account being compromised.
Keep Your Device Protected From Threats
There are many types of malware designed to infect a device, and some, in particular, can be especially concerning. Remote access trojans (RATs) and cookie-stealing malware can be used to hijack your log-in credentials and gain access to your accounts.
To protect your devices from such threats, consider doing the following:
- Ensure your device is kept up to date with the latest OS and security updates.
- Ensure your web browser and software are kept updated with the latest versions.
- Perform regular scans of your device with anti-virus protection. And keep a step ahead of new threats by updating your virus signatures often.
- To help protect your device against malicious ads, install a good adblocker like uBlock Origin in your browser.
- Ensure you’re browsing the web safely. Never click on or download suspicious links or programs.
- Avoid using or installing browser add-ons or plug-ins developed by unknown third parties.
- Remove all unnecessary or questionable software from your device.
- If you need to install remote access tools, uninstall them once the remote access is no longer required.
- Set up a screen lock and password to access your device.
Check out Coinbase’s official advice on making a Coinbase account more secure and for more gold-standard security tips.
Does Coinbase refund if I get hacked?
Yes, they do refund hacked accounts. Coinbase is covered by crime insurance to protect a portion of digital assets across the storage systems for losses from theft and cybersecurity breaches. A hacker will often use a customer’s email to gain unauthorized access to their Coinbase account.
Coinbase Investments Returned
Coinbase uses extensive measures to protect its customer’s investments; however, cybercriminals are constantly working to find security holes. In 2021, many customers had their investments stolen when
hackers gained account details required to break the two-step text-based authentication. Coinbase fixed the problem, refunded its customers, and provided additional information on safeguarding Coinbase investments.
Do you invest in cryptocurrencies, or perhaps think about it? Share your opinions on the cryptocurrency world in the comments section below.