Coinbase revealed on Thursday that cybercriminals bribed overseas customer support contractors to steal sensitive customer data as part of a $20 million extortion scheme. While no funds or private keys were compromised, customer names, addresses, and ID documents were exposed for nearly 1% of the company’s 8+ million “monthly transacting users,” according to a blog post.

The story raises tough questions for the entire industry. Is KYC making users more vulnerable? Can human error ever be fully eliminated? And is crypto’s real security problem… people?

Security experts Jameson Lopp, James Wester and Alexander Leishman delve into:

• What went wrong at Coinbase
• Why human vulnerabilities are still crypto’s biggest risk
• Whether KYC makes the problem worse
• What companies should do next to protect their users

Visit our website for breaking news, analysis, op-eds, articles to learn about crypto, and much more: unchainedcrypto.com

Thank you to our sponsors!

• Focal by FalconX
• Bitkey: Use code UNCHAINED for 20% off
• Mantle Guests

• Jameson Lopp, Co-founder and CTO at CASA
• James Wester, Research Director at Javelin
• Alexander Leishman, CEO and CTO at River
  Links

• Coinbase’s blog post: Protecting Our Customers - Standing Up to Extortionists
• Coinbase’s SEC filing
• Commentary: 
• Vance Spencer’s tweet
• Armani Ferrante’s tweet

Timestamps:

🎙️ 0:00 Introduction and ads

🔓 2:30 How hackers tricked Coinbase’s offshore support and why humans remain security’s weakest link

🗂️ 6:49 What customer data was leaked and how hackers use it

🎯 13:14 How attackers prey on targets at weak moments

🌍 20:47 Should Coinbase move customer support back to the U.S.?

🛑 26:35 Why KYC protocols might be making users more vulnerable, not safer

🛡️ 28:48 The best defenses companies can implement to protect users

📰33:49 Weekly News Recap

Learn more about your ad choices. Visit megaphone.fm/adchoices