The Coinbase hack was completely avoidable

This wasn’t some high-level zero-day. They got popped because a third-party support vendor got compromised. Someone got bribed, and now full names, addresses, and government IDs are floating around.

People are already getting hit with identity fraud. Someone literally tried to open a Robinhood account using stolen ID info from the breach.

Coinbase had one job: protect customer data. Instead, they outsourced security to the lowest bidder and called it a day. No internal control testing, no threat training, just vibes.

Now, it’s come out that this was completely avoidable! CyberCatch just launched a platform for crypto firms that actually focuses on this stuff—compliance, testing, finding holes before they get exploited. Feels like the kind of thing that should be MANDATORY, not a footnote.

But sure, let’s toss out a $20M bounty after the fact like that solves it.