I'm also curious as to why I keep seeing the vague and somewhat uncommon expression "to make whole" in relation to the Coinbase breach. I have neither the time nor the interest to dig into the matter, but my astroturfey-senses are tingling.
I've heard the term used in libertarian circles. I think it's justice without punishment. Instead of the offender being slapped on the wrist, imprisoned etc., the offender must work to restore the victim to how they were prior to the offense.
"(transitive, finance, law) To provide (someone), especially under the terms of a legal judgment or an agreement, with financial compensation for lost money or other lost assets."
Right but did they get money? Did they get the missing coin replaced? Is the price volatile enough that getting dollars instead of coin less attractive?
I am unconvinced that Coinbase didn't have some sort of breach here. I don't believe they disclosed everything.
Multiple people I know with Coinbase accounts were solicited by the hackers - none of them have ever mentioned to anyone that they had a Coinbase account on any social media platform.
On pretty much every crypto exchange telegram support channel - the moment you ask question - some friendly "support admin" will try to contact you and "help".
Where does that work? I tried googling for Amazon support contact after I got locked out of my Amazon Japan account. There is no email address; there is one phone number where a bot tells you to use the website.
Odd that someone capable of obtaining 50k in crypto was able to be scammed in that fashion, particularly when the real phone number shows up in big bold font when googling "coinbase support number"..
To be fair, the search results may well have changed in between now and then but the support number isn't that hard to find on the coinbase site.
Are you sure this person is being truthful, and not running their own scam?
For that amount, it seems like it would be worth trying to sue Google. It may be next to impossible now if they no longer display that phone number though.
If you're not running a full node on your own encrypted hardware, you shouldn't be doing anything but playing with crypto. It's almost as if the current financial system evolved over hundreds of years of hard lessons learned to have certain tradeoffs like reversible transactions that mitigate this threat for the general populace.
If this is the same SS7 protocol flaw that security experts have been using to justifiably avoid SMS in 2-factor auth schemes forever now it's face palm inducing. Not that this sounds like a simple hack if they also compromised inboxes. Sounds like the victims were already very well owned at that point. Lesson learned I guess. I wonder how much it cost Coinbase.
39 comments
[ 4.3 ms ] story [ 77.8 ms ] threadhttps://news.ycombinator.com/item?id=28719786
https://en.wiktionary.org/wiki/make_whole
I don’t understand.
Multiple people I know with Coinbase accounts were solicited by the hackers - none of them have ever mentioned to anyone that they had a Coinbase account on any social media platform.
They never deny being hacked, but never admit it either. ...and they pretend that it was likely all the users' fault.
He searched google for "coinbase support number" and dialed the number found.
Friendly operator guided him to solve a problem.
$50k lesson learned.
To be fair, the search results may well have changed in between now and then but the support number isn't that hard to find on the coinbase site. Are you sure this person is being truthful, and not running their own scam?
if you want to be be safe you should store your crypto in cold storage rather than online