[danielpal]

Authy founder here (we do Two-Factor Auth for Coinbase).

Looks like you didn't have Two-Factor enabled https://news.ycombinator.com/item?id=6947037). Enable it now. We've stopped lots of Coinbase account password compromises. Most of the time we see that the e-mail was hacked.

Do the following:

1. Enable Two-Factor Authentication on your e-mail.

2. If you use GMail, go to Settings -> Forwarding POP/Imap. Check that no "weird" addresses are added to your account.

3. Change your E-mail password.

4. Change your Coinbase password.

If you have Two-Factor enabled we can also temporarily block your account if you suspect a hacker is trying to get into it. Contact us at support@authy.com and we'll block it.

[vijayboyapati]

I highly recommend the above advice. 2-factor auth is a simple step that hugely increases security. You must have it on your email at minimum - since having access to your email typically gives you access to many accounts connected to your email - and probably most of your financial accounts.

I might also encourage Coinbase to limit the maximum dollar value of transfer from an account to, say, $100 per day until someone enables two-factor auth. Typically people have very poor security habits, and strongly encouraging them to improve them will help both users and Coinbase's reputation.