bohemia @bohemia - 7d
Coinbase tone deaf and idiotic enough to put this at the bottom of requesting info
YODL @YODL - 7d
Went searching Armstrong's timeline for any updates on his search for the criminals. Not a mention since Taken video on 5/15
bohemia @bohemia - 6d
Plot twist: Armstrong is the criminal (but we already knew that teehee) Fr tho, I wonder if the gubment or Saylor lol or his shareholders made him stfu. It is a publically traded company with a lot of other people's money on the line.
YODL @YODL - 6d
I wasn't around early enough to hate on him as much as some do, but he had annoyed me for a long time with his unwillingness to say "bitcoin" etc. I know I've been getting a rise in phishing attempts (more than the standard amount from past leaks) lately, though probably a different data leak as I haven't touched chase in a lonnng time He needs to notify the individuals who he can confirm had their data leaked. Far as I know it hasn't been done
I think breach notifs are usually 30-60 days. Coinbase is prob working with their legal team to figure out optics before notif cos from whispers it sounds like maybe the breach was bigger than the claimed 1%. But that is pure speculation. Great time to use a yubikey on all of your important accts. It would be nice to have confirmation, but doesn't really change anything I do security wise.
That reminds me, need to get and move things over to one of those at some point. I kinda hate the digital 2fA things that I know I haven't properly backed up... Heard from Bill Cypher of a different brand that had some advantage... brb
https://primal.net/e/nevent1qqs2dq7tspyeyvsmwgu0nnhdlssxkw6t9zd5gcppt8u7wh0lmr0hmhqlf0vdh
Oops, wrong thing pasted nostr:nevent1qqs2dq7tspyeyvsmwgu0nnhdlssxkw6t9zd5gcppt8u7wh0lmr0hmhqpzemhxue69uhhxetpwf3kstnwdaejuar0v3shjnaenwx
Thank you for sharing yodlbro 🙏🤘
Np bohbro. I should have asked if you already used a yubikey, and what you thought about it, but assumed you didn't 🤷♀️
node @node - 6d
Yubikey is amazing. If you get one, get two
....crypto? 🧐 Oh nice. More motivation to get on it
It's gonna have to be next gadget I get. Will likely go with this onlykey bill recommended as he seems to know this stuff pretty well. Will have to research a tad
Just call me Brian 🤣 Yes, do it 🚀
I’ve had it for years. It’s amazing. Get two. One on you, one at home (a backup).
You haven't led me astray yet 🫡
If you have a Mac mini m1, don’t set it up for login. There’s a bug. Found out the hard way 😭
You can set it up but you can’t remove without wiping
Cryptography starts with cry 😭 for a reason 😭😭
This is true 🤣🤣🤣
I don't have one, but what are you talking about? Did I miss something?
bohemia @bohemia - 4d
If the CB contractor had to lay off 300, then how big was the breach lol https://www.financialexpress.com/business/industry/taskus-indore-based-bpo-fires-over-300-employees-without-notice-sparks-staff-protests/3712402/
YODL @YODL - 4d
Replying so I can find again
YODL @YODL - 3d
Interesting. Read a bit more now and did some searching quick. Seems more than TaskUs partnership ending. Probably because this incident motivated them to restructure the whole offshore thing. Early report on incident claims someone was taking pictures of screen...but that's not gonna come close to 1% of user info lol. Also read this has cost coinbase 400M in damages somehow. As someone else pointed out, an offshore customer support group should not have been capable of pulling huge chunks of unencrypted data at all.
bohemia @bohemia - 3d
It is massive, egregious neglect of basic, foundational cybersecurity principles. Least privilege and access control are harped on in the most elementary teachings. I don't know if contracting offshore for handling of PII is the industry norm, but it seems very risky to give unfettered access to people who aren't directly employed. Seems they got too big for their britches, as my grandma would say. It will be interesting to see how they fare after this.
