The community accuses Coinbase of exposing them to attacks

In the last hours, the theft of data to Coinbase has generated intense debates in different Internet circles. Employees of the customer service area were bribed to filter information from a small fraction of users, including names, addresses, identifications and emails. After obtaining the data, the hackers demanded USD 20 million in exchange for not disseminating the incident, but the Exchange refused to pay.

The detail is that the attackers, passing by Coinbase, contacted several affected users and asked to send cryptocurrencies to fraudulent addresses. Although The company promised to reimburse the victims And he announced measures to prevent future incidents, the damage is already done. This has revived the debate on the inability of any firm to completely guarantee that these attacks do not occur or repeated, and also with respect to KYC policies (“Know Your Customer”).

To understand the scope of this incident, it is crucial to understand that centralized exchanges require users to provide detailed personal information, such as complete names, physical addresses, selfies, official identification numbers, emails and, in some cases, receipt of income. These data, aimed at preventing money laundering and guaranteeing the traceability of transactions, are stored by the platform, becoming an attractive goal for hackers.

The case called professionals from the sector, including Changpeng Zhao (CZ), former CEO of Binance, who shared in his X account a series of recommendations to prevent Phishing attacks. CZ highlighted the importance of Do not share passwords with alleged support agentsavoid clicking links received by email and use password managers to guarantee safe credentials on each platform.

For his part, Pablo Sabbatella, a renowned Argentine expert in computer security, responded to CZ with a series of key recommendations to strengthen user protection. Stressed the importance of Activate two factors (2FA) authentication to access password managersbut warned that 2FA codes, backup copies or seed phrases should never be stored in them; He also recommended using antivirus – especially in macOS systems – and always verify the identity of the interlocutors, adopting an initial posture of distrust. “Everything is a scam until the opposite is demonstrated,” he said.

The discussion also reached the ears of Jameson LOPP, co -founder and director of Security of Casahodl. In a message posted on his X account, LOPP said that KYC policies represent “the root crime that enables everything else”. According to the specialist, demanding the mandatory delivery of personal data not only facilitates crimes of social engineering – such as those that occurred in this case – but also could increase the risk of physical attacks to obtain access to cryptoactives.

The incident was also described by Francisco Calderón, Software Engineer, who expressed a forceful position. Calderón said These types of leaks are the direct consequence of sharing personal data with third partiesstating that “the KYC must be eradicated.” In addition, he questioned the capacity of Coinbase, a consolidated company and not a startup, to protect the information of its users, raising the following concern: “If a platform of this caliber cannot guarantee data security, what can be expected from others?” The comment reinforces the growing skepticism towards centralized systems, adding to the voices that advocate solutions that prioritize the privacy and autonomy of the user. For example, from the official account of the west platform they called to use P2P exchanges without KYC.

What happened with Coinbase demonstrates, once again, that in this ecosystem security does not depend solely on platforms, but also on user knowledge. For more than a company promises high protection standards, there will always be vulnerabilities when large volumes of personal data are handled.

Given this panorama, educating is the first step to protect yourself: understanding how the system works, researching before trusting any platform and adopting a critical attitude towards suspicious communications. Education is free, it is available to everyone and remains the most powerful defense against crimes online. That is why we invite you to consult our cryptopedia on how to prevent scams with cryptocurrencies.