Coinbase Accidentally Scared 125,000 Users Into Thinking Their Accounts Had Been Hacked

Coinbase Accidentally Scared 125,000 Users Into Thinking Their Accounts Had Been Hacked
Photo: CHRIS DELMAS/AFP, Getty Images

The popular crypto exchange Coinbase freaked out a helluva lot of people this past weekend when it sent them erroneous alerts telling them that their 2-factor authentication settings had been messed with.

“Your 2-step verification settings have been changed,” the alert, which was sent out Friday afternoon via email and SMS text, read. The messages went out to 125,000 users, almost certainly leading many to believe that their accounts had been hacked.

2FA is a common form of online security, wherein platforms require not just a user’s password for login, but a second, identifying piece of information — usually, a code texted to another personal device. Suffice it to say, if you get an alert telling you that your 2FA settings have been changed — and you didn’t personally change it — that generally means someone has illegitimately accessed your account and is trying to impersonate you or steal your stuff.

In the context of Coinbase — which is responsible for storing hundreds of millions of dollars worth of crypto in its digital vaults — the threat of an account takeover clearly has big, bad implications for its users: namely, that you’re about to be broke.

On Saturday, Coinbase announced via Twitter that the messages that had been sent had no basis in fact.

“Yesterday, from 1:45pm PST to 3:07pm PST, Coinbase sent roughly 125,000 customers erroneous notifications that their 2FA settings had changed,” the company stated. “Our teams immediately recognised the problem and worked as quickly as possible to ensure these erroneous notifications were stopped and the underlying issue fixed.”

However, this weekend’s false alarm was probably made worse by the fact that Coinbase has been having problems with actual account hacks lately. CNBC reports that numerous customers have recently expressed outrage at the company, after their crypto was stolen in hacking incidents and Coinbase essentially brushed them off.

After this weekend’s goof-up, the company did actually apologise to users — which is the least it could do.

“We’re laser-focused on building trust and security into the crypto community so that the open financial system we all want is a reality. We recognise that issues like this can hurt that trust,” Coinbase said. It certainly can.