Coinbase Fixes Account Log Bug That Mistakenly Triggered 2FA Breach Alerts

Coinbase has resolved a logging issue in its system that led users to wrongly believe their accounts had been compromised, after failed login attempts were mistakenly labeled as two-factor authentication (2FA) failures.

As first uncovered by BleepingComputer, the bug caused the platform to misreport login errors. Specifically, attempts made with incorrect passwords were incorrectly shown in the user activity log as “second_factor_failure” or “2-step verification failed.” 

This mislabeling gave the false impression that an attacker had entered the correct password but was blocked at the 2FA stage, which naturally raised alarm among Coinbase users.

Several customers reached out to BleepingComputer, expressing concern that their accounts might have been breached. Many reported using unique passwords exclusively for Coinbase, found no signs of malware on their devices, and noticed no other suspicious account activity—adding to their confusion.

Coinbase later confirmed the issue, clarifying that attackers had never made it past the password stage. 

The system had mistakenly classified these failed attempts as 2FA errors, even though the second authentication factor was never triggered.

To correct the confusion, Coinbase issued an update that now properly logs such attempts as “Password attempt failed” in the account activity logs, removing any misleading implication of a 2FA failure.

Such inaccuracies, while seemingly minor, can trigger unnecessary panic. Some affected users reset all their passwords and

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.