11/16/2025, 8:18:10 PM

I have recordings proving Coinbase knew about breach months before disclosure

157 points | 48 comments

Mood: controversial
Sentiment: negative
Category: security
Key topics: Coinbase, data breach, security disclosure

The Hacker News discussion revolves around a post claiming to have recordings that prove Coinbase knew about a security breach months before disclosing it. Although the top comments are not available, the discussion likely centers on the implications of the alleged delayed disclosure and potential accountability. The conversation may have touched on the security practices of Coinbase and the ethics of disclosure timing. Without the top comments, the exact key points and conclusions are unclear, but the topic appears to be a contentious issue.

Snapshot generated from the HN discussion

Discussion Activity

Active discussion
First comment: 5h
Peak period: 12 (Day 1)
Avg / period: 12
Comment distribution: 12 data points, based on 12 loaded comments

Key moments

  1. Story posted: 11/16/2025, 8:18:10 PM (2d ago)
  2. First comment: 11/17/2025, 1:19:20 AM (5h after posting)
  3. Peak activity: 12 comments in Day 1 (hottest window of the conversation)
  4. Latest activity: 11/17/2025, 2:57:14 PM (1d ago)


Discussion (48 comments)
Showing 12 comments of 48
WatchDog
2d ago
1 reply
So the emails had proper DKIM signatures.

Did the support agents have the ability to send arbitrary emails from commerce@coinbase.com? If not, how did the scammers send a properly signed email?

dwohnitmok
2d ago
Yeah what is going on here?

What does this mean?

> While both amazonses.com and coinbase.com DKIM checks passed, this is exactly how phishing works—attackers can configure Amazon SES to send "from" coinbase.com

How does Amazon SES let you sign an email from a domain you don't control? I'm very confused.

garbagewoman
1d ago
1 reply
You do realize that chatgpt has a very recognizable and irritating style, right?
rdos
1d ago
Hello, I am interested in this topic. What would you say were the telltale signs of AI generated text for you? Apart from:

- excessive em-dashes
- useless words, verbosity

garlic-man
1d ago
That wouldn't surprise me — A few years ago I reported a vulnerability through their bug bounty program that allowed "mandatory" 2FA for crypto withdrawals to be bypassed.

They paid a pittance and permanently buried the report even though its release wouldn't have posed a risk anymore.

rkagerer
1d ago
Talk to a lawyer about litigation.
LatteLazy
1d ago
I have a tradfi background but work in crypto with trading software.

The whole industry (except deribit) is a shit show of barely working APIs that aren’t reliable or accurate in any way. It’s completely routine to not be able to get an order status for minutes at a time. Or to get fills after an order has been rejected. Or a week after a cancel confirmation message.

Coinbase is actually one of the worst offenders for this. Coinbase Prime, their supposed institutional grade offering especially so.

So it doesn’t surprise me at all that the same issues are happening more widely.

To be clear: deribit have always been efficient, accurate, reliable and generally excellent. If you must trade crypto, do it there so your Ops and Support people don’t have to suffer.

SilverElfin
2d ago
A related issue: often when there’s a security issue, the wrong people are blamed. In reality it is almost always the CEO’s fault for setting budgets or goals that are unrealistic and force everyone else to cut corners. Even other executives are a victim of this and are ultimately powerless.
sourgrapes42
1d ago
Did they ever email customers that there was a data breach? I started getting scam messages about my Coinbase account in the beginning of the year and only realized they had a breach because I happened to see their post on Twitter. I don't remember getting notified about it though.
nalekberov
2d ago
In July, 2025 I asked Coinbase to delete my account permanently, for which I had a bit of back-and-forth with customer service representatives, in the end I got an email confirming the deletion, then I tried to log into my account, I was still successful - they lied about it.

Then I reached out to customer service several times - no answer. Then I contacted the dedicated channel for privacy-related questions with all proofs of mishandling - radio silence.

It’s sad to see these companies mishandle our very personal data and get away with this.

aantix
2d ago
Offshoring support for financial data should be illegal.

Even if they find the inside individuals, how could anyone ever present a legal case?

I_am_tiberius
1d ago
I remember Brian Armstrong saying something like "... and other data" when he communicated the data that was collected and then stolen. That tells a lot about him.

36 more comments available on Hacker News

ID: 45948058 | Type: story | Last synced: 11/16/2025, 9:42:59 PM
