Skip to content

Coinbase confirm it sent erroneous notifications told "125,000 users their 2FA settings had changed"

NurPhoto via AFP

Leading cryptocurrency exchange Coinbase mistakenly sent emails to 125,000 users telling them that their two-factor authentication settings had been changed. In a comment to CNBC Coibase said: The email and SMS notifications were sent due to an "internal error" and were not the result of a hack.

The fake message appeared at 1:45 p.m. on Friday. The message said, "Your 2-step verification settings have been changed."

It followed up with a second email stating that the message was sent in error. Coinbase explained the incident on Twitter, reassuring that it was a simple technical error, such as a bug, and not a cyber attack.

then apologized on social media, saying it was focused on building trust and "that issues like this can hurt that trust."

The alert caused a lot of alarm among users, who feared that their accounts had been hacked, in fact despite the reassurances, someone got very worried. For example one user, Don Pirtle, who told CNBC that he sold the equivalent of $60,000 to get out of his position at the very moment he received the message. Nor will he have been the only one, regardless of whether the move was an appropriate response to the eventual problem, to panic.

There have been several cases in the past where one or more hackers have managed to get hold of cryptocurrencies held by some exchanges, the most famous and reported case being Mt. Gox, so a bit of concern from users in such a situation is all in all understandable.