Feature request – please disable withdrawing after password change!

I did not know how vulnerable SMS based 2FA is. A SIM swap attack left my Coinbase account open to access after a password reset. The hacker attempted a purchase of $30,000 of BTC. I’m not sure if they took my other assets, exchanged them for BTC, or just took as much as they could of the pending purchase. In the 2 weeks it took Coinbase support to respond to my request for assistance in regaining access to my account, I believe Coinbase liquidated my assets to pay for the failed purchase.

I lost about $8,500.

I’m responsible for the rest of the payment, which is $5,700. I’m not paying it and will never use Coinbase again.

It could have been avoided if Coinbase took a great feature from [Binance.US](https://Binance.US) and temporarily disabled withdrawing after a password change. I hope they add that feature for others who are brave enough to still use Coinbase.

Please learn from my mistakes. Use something better than SMS 2FA, and don’t keep assets in exchanges.

What do you think?

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings


  1. This subreddit is a public forum. For your security, do not post personal information to a public forum, including your Coinbase account email. If you’re experiencing an issue with your Coinbase account, please [contact us]( directly.

    If you have a case number for your support request please respond to this message with that case number.

    You should only trust [verified Coinbase staff]( Please report any individual impersonating Coinbase staff to the moderators.

    *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CoinBase) if you have any questions or concerns.*

Question from a noob

Operation: CryptoKitty Rescue. A story of nonce and nonsense | by Jordan Spence | MyCrypto