Comment by skybrian

16 hours ago

Blog post is here:

https://www.coinbase.com/blog/protecting-our-customers-stand...

> We will reimburse customers who were tricked into sending funds to the attacker due to social engineering attacks. If your data was accessed, you have already received an email from no-reply@info.coinbase.com; all notifications went out at 7:20 a.m. ET on 5/15 to affected customers.

The no-reply is an interesting decision. I get how difficult it is to run a company like Coinbase (their biggest strength, centralized + customer support, is also what enables this social engineering), but it feels like an odd choice.

  • Their "customer support" includes not expecting users to set up PGP to communicate with them. Email is not a secure method of communication by default.

    It's fine to send a notification instructing them to visit the secure portal for more info, though. Hence, no-reply.

  • no-reply is a good practice. No business should ever encourage their customers to reply to the emails they are sending out. That's what scammers do.

    To contact the company you should go to the company website at the address you know (which shouldn't be given in the email either), log in and send a message through the internal message system, possibly referring to the email that you received through a random code (those can be auto-suggested if they recently tried to contact you by email).

    If you do anything else your communication knowingly mimics the communication of a scammer.

    Unrequested email should always only be one way communication. Email is too untrustworthy for it to be anything more.

    • > No business should ever encourage their customers to reply to the emails they are sending out.

      It’s fascinating that we keep creating new technology and then find out that in practice most of it cannot be trusted. Which means it cannot be used for anything serious.

      IT revolution is a bit of a failure


> No passwords, private keys, or funds were exposed and Coinbase Prime accounts are untouched.

I'm curious why no Coinbase Prime accounts were part of the leak (assuming that's what they mean). Is there some sort of additional layer of data protection behind the Coinbase Prime paywall? Or perhaps those accounts were intentionally avoided as they would presumably belong to more savvy users.

  • Coinbase Prime is its own exchange with its own support (actual humans in the USA that are available to chat to). It's for "institutional investors" so unavailable to most customers without the proper credentials/paperwork. They don't share the same outsourced "support" as the regular exchange, which appears to be the attack vector here.