- Cryptocurrency exchange Coinbase has rolled out new live phone support in the wake of thousands of customer service complaints.
- A Los Angeles couple lost nearly $700,000 from their Coinbase account. The company says it was not responsible for that hack.
- CNBC interviewed several customers who tried the new support option, with some calling it “a joke.”
- A spokesperson for the cryptocurrency exchange said it is offering more customer support options and that “at no point have the attackers breached Coinbase’s security infrastructure.”
LOS ANGELES – After thousands of customer service complaints, Coinbase has launched a new live phone support line. But many customers are still disappointed with the company after the latest attempt to address their concerns.
Take Eric and Molly Richardson, for example.
The text message on Eric’s phone worried him so much that he went to the side of the road. It was a sunny July afternoon.
The retired lawyer clicked on the message saying that someone had logged into his account. He logged on, and soon received an email that his two-factor authentication had been changed, meaning his security settings had been compromised.
Then the nightmare got worse.
He and his wife Molly had saved around $1.2 million in cryptocurrency. Suddenly, a fraudster began withdrawing all of his bitcoin investments, roughly $700,000, as Eric observed. And there was nothing he could do.
“I was terrified. It looked like I hadn’t in a long time,” Eric said, admitting the text message was probably a phishing attack to get his account information.
Richardson couldn’t call Coinbase for help because when the account acquisition took place in July, the company only offered email support. According to government records and interviews, a CNBC investigation in August found thousands of customers’ accounts were hacked and hanged by the company. Coinbase, which went public in April, has a market cap of over $50 billion.
According to public records, since 2016, users have filed more than 12,000 complaints against Coinbase with the Federal Trade Commission, the Consumer Financial Protection Bureau, and the Better Business Bureau, mostly related to customer service. An additional 1,500 complaints have been filed since August.
Other cryptocurrency exchanges have faced similar complaints, but the complaints pale in comparison to Coinbase, the largest exchange in the US.
Coinbase, responding to criticism that customers could not speak to anyone in the company, established a live support line in August. However, dozens of customers whose accounts were hacked and drained told CNBC that the so-called help did not solve their problem.
In Richardson’s case, Eric said it took only 20 minutes for the fraudsters to extract 21 bitcoins in 110 separate transactions.
Eric reported the theft to Coinbase, which closed the account. But he said that for more than two months no one reached out to the couple to get their money back or to help them open an account.
“I still don’t know how it happened,” he said.
In September, Richardson called the new Coinbase phone support line. The agent told Eric that he did not have access to the case file and suggested replying to Coinbase’s last email, which he had already replied to. The 10-minute call ended not with a resolution, but with more disappointment.
“It was a joke; it annoys me a little more. And there’s no one who has decision-making power in customer service,” Eric said. “They can’t help much. You know what Coinbase did two days after I was hacked? They sent me a customer survey and they asked me to rate their service.”
Coinbase customers across the country have told CNBC similar stories since the launch of live phone support.
For example, customer Mark Bolos said in an email that “Live support is only for accounts that are actively locked; since my account is no longer locked, I can’t access live support even when I try to do so.” can.”
“The system assumes that the account associated with my phone number is not locked and does not allow me to access live support,” Bolos wrote.
Another customer, Don Pertle, called the phone line “a joke”.
And after unsuccessfully trying to restore access to his account, customer Conrad Yiu said, “It looks like they’ve failed every single part.”
A Coinbase spokesperson said in a statement that the company will provide “global phone support for all customers, and live messaging by the end of the year. We aim to be the most trusted and easy-to-use platform in the crypto economy, but we recognize that Some of our customers have experienced challenges with their Coinbase accounts. Improving our customer experience remains a top priority.”
“In most cases, Coinbase does not cover any damages that result from unauthorized access to Coinbase accounts due to a breach,” which is often a phishing attack, the statement said.
Earlier this month, in a note to Coinbase customers, the company revealed that funds were stolen from around 6,000 customers in a phishing attack that took place from March to May 20. The hackers “took advantage of a flaw in Coinbase’s SMS account recovery process. Order to obtain an SMS two-factor authentication token and gain access to your account.”
A spokesperson for the company said: “We have promptly corrected the flaw and have worked with these customers to regain control of their accounts and reimburse the money they lost. This is rampant, sophisticated phishing.” Attacks are on the rise, and we strongly recommend anyone who uses online financial services to remain vigilant and take the necessary steps to protect their online identity.”
When asked about the security of Coinbase accounts, a spokesperson said, “While some Coinbase customers have unfortunately been victims of phishing attacks and account takeovers, at no time have the attackers breached Coinbase’s security infrastructure. ”
Experts say there are alternative ways to store cryptocurrencies that are essentially hack-proof.
One move that may have helped protect Richardson and others is to move cryptocurrency from an exchange like Coinbase to a process known as cold storage, or to move crypto offline.
“I beat myself up every day because I have the voice of my friends in my head. ‘Eric, put it on the shelf.’ And I just didn’t,” Eric said.
Nicole DeCicco, who helps customers secure their cryptocurrencies through her company CryptoConsultz, says cold storage is virtually hack-proof. Crypto owners get a private key to store that key offline, much like a password.
“A cold storage or cold wallet is completely disconnected from the Internet. Sometimes it is a device that you connect to your computer,” she said. “When you keep your funds in cold storage, you own those funds. … They are offline, away from hackers.”
“I want to tell our customers that just like you can withdraw money from your ATM card, you can always load it from your cold storage wallet into a hot wallet. But if we are talking about a significant amount, then In fact the best practice is to keep it in cold storage,” she said.
DeCicco says that creating an Exchange account is easy but setting up cold storage takes more work. To set up cold storage, many investors buy a device for this purpose. It then needs to be loaded with a private key and stored securely, such as in a vault.
While cold storage is more secure, it has its own issues. The owner may lose the password, or the device may be broken.
After more email exchanges with Coinbase, Richardson said that access to his account was eventually restored. And the company sent them some money back.
But it was not what they expected. The company put $500 worth of bitcoins in his account.
“It felt like they kicked sand in my face,” said Eric Richardson. “Is there a senior at Coinbase even looking at this? Somebody did the calculations and said, ‘Okay, that’s what happened to his guy. He lost 21 bitcoins. Let’s give him $500.'”
please email suggestions [email protected].
— CNBC Angelica Serrano-Roman And Nadine Al-Bawabi