Thursday, September 3, 2020

Coinbase customer support has been useless over the last 36hours in hack.

Approximate timeline of events to Coinbase account compromise and ACH transfer from Chase Bank to Coinbase. Ticket #02674780.

Note that I'm unable too get in touch with coinbase at any point beyond automated emails.

• 2020-09-01 9:18PM: Notice login attempt to dormant Coinbase account.

• 2020-09-01 9:18PM: Notice suspicious activity on email with emails being received and immediately deleted.

• 2020-09-01 9:27PM: Requested my account Coinbase account sign-in be disabled.

• 2020-09-01 9:39PM: Initiate support case with Coinbase.

• 2020-09-02 9:45PM: Learn that cell phone does not appear to be working correctly and I am not receiving texts and cannot make outbound calls. I later come to the realization that the perpetrator has ported my cell phone number to bypass two factor authentication on Coinbase and email accounts.

• 2020-09-02 10:00PM: Contact Sprint after hours support via chat on website and am told that my account has been canceled and it is a system glitch. Support team will look into it and get my phone up and running within 24 hours.

• 2020-09-02 11:00PM: Initiate deleted email recovery from Yahoo Mail.

• 2020-09-02 11:00AM: Recover deleted Yahoo Mail emails and identify that password reset on Coinbase account has been performed by a person in the UK and that a $25,000 transfer and $65.00 transfer has been initiated. Note that I have a US based account and have not logged in in ages nor have I ever purchased anywhere near that amount of Bitcoin. This should set off alarm bells for Coinbase.

• 2020-09-02 11:00AM: Check chase account and ACH transfer does not appear in pending via online Chase portal. Assume Coinbase may have flagged this charge as fraudulent given prior activity and request for locking the account.

• 2020-09-02 11:28AM: Still no access to a cell phone. I placed call to chase fraud department from my work Skype account apprising them of the situation, performed a username reset, password reset and added a verbal password to my account. Fraud support fails to restrict my account despite me telling them that it was compromised via Coinbase and that an ACH transfer was going to be initiated from Coinbase for $25,000.

• 2020-09-02 11:49AM: Call Sprint and determine my phone number has been ported to John Anderson at T-Mobile. T-Mobile needs to investigate to give me my phone number back and estimates 24-48hours before they end their investigation.

• 2020-09-02 3:30PM: File an identity theft police report with Police.

• 2020-09-02 4:45PM: Regain access to my cell phone number and it is ported back to my name.

• 2020-09-02 5:00PM: Notice ACH transfers to Coinbase for $25,000 and $65 are pending in bank statement.

• 2020-09-02 5:05PM: Place call to Chase Fraud department. Tell them that they should cancel the ACH transfer marked as pending and that my account is compromised. I am transferred to Claims. I tell claims that my account is compromised and that they should cancel the transfer. Claims tells me that they will put some sort of hold on the transfer but that I may be liable for fees from Coinbase and that I will have to fill out a form.

• 2020-09-02 9:00PM: Initiate full scan across all my computers for viruses and worms with two different security suites. No viruses or worms detected.

• 2020-09-03 8:00AM: Identify that ACH transfer was processed despite my calls to the Chase Fraud department.

• 2020-09-03 9:00AM: Visit Chase Bank. Restriction is put on account. No one is able to explain why the ACH transfers were allowed to complete. Chase Bank requires I fill out a claims form before they can investigate my case which takes 24hours to generate.

• 2020-09-03 2:00PM: File complaint with the FBI.

Updates because why not go live....

• 2020-09-03 7:45PM: File a complaint with the Department of Financial Institutions as it seems that Chase probably dropped the ball here.

• 2020-09-03 8:15PM: Email a couple lawyers to see what my options are. Not sure anything will come of this or whether it will be worthwhile but it probably makes sense to check tomorrow.

• 2020-09-03 8:45PM: I am still waiting on a response from Coinbase as to my case.

• 2020-09-03 10:00PM: Receive an automated email from Coinbase that they will hold the funds additional 7 business days before they can be withdrawn due to suspicious activity.

In the last 48 hours I am unable to get Coinbase on the phone or via email to tell me what is going on...

I'm sure I failed somewhere along the path here but not being able to get in touch with anyone at coinbase is disturbing. Maybe they'll read this and actually reply beyond asking for my support ticket number.


No comments:

Post a Comment