I am posting this in case other people may confront the same situation and could possible avoid it. The post was posted earlier but was just deleted. I copied my communication with coinbase at the bottom.
I have a bitcoin account on coinbase and was not able to login however I tried. I got my password correct, but coinbase did not allow login by saying that it was a new device. Coinbase just kept sending me an email for me to verify the new device through the link. Nothing just happens after that and it was a loop of communications leading to nowhere. I tried the verification process by pretending that I do not have the 2-factor verification and try to provide my driver license to verify my account. It accepted my information, but still no result after two week's waiting.
There was no phone number that I could see in this whole process. Today, I tried googling "coinbase phone number". It popped up with two numbers. The first one was authentic, but it will ask you if your account is compromised. If yes press 1. My account was ok at that time and I kept waiting. Then the voice said the volume is high and hanged me off not allowing me to continue to wait. After several times of calling the first number without success, I continued to try the second number (888-4551155) and it went through after several minute's wait.
So I called to solve the problem. The tricky part is that they were able to help me log in! I have NO IDEA how they are able to log in! We were back to the page where the coinbase said that I was a new device and need to verify through email. Then the hackers had some code that claimed to be the "coinbase secrete seed". I do not know why they have such code and why this code could help me log in. I have been so desperate in the recent months and was so happy that finally I got into the system and see my account. Then they took control of the account and sent my coins to their own address. The transaction could be seen here.
https://live.blockcypher.com/btc/tx/f0ae7669a0115b53129657d4a2b0ca2f9c730b0835e4848e8cea7743ffb1f7e8/ The bitcoin address that they used was 19n12cDwyfmf6ZpjxGJVvRuZL9BEPdq6Xy
I know I am stupid to be scammed, but there is one question I have no answer: while I was not able to log into coinbase myself by trying all the options that is provided by coinbase, the hacker were able to log in by using some secrete seed. I do not know what that is, but he should have some partial security information about coinbase. I called coinbase about this, it seems they are redundant to take responsibility for the fact that they are allowing other people to help me login. The funny thing is that when I called them, they ask me to press button 1 if you think your account has been compromised. So this time of course I pushed 1 and finally get through after one hour wait on line. Now the true customer service picked up, and after checking my balance to be zero and just asked me: "do you want to close your account?". They do not really care to know what happened!
Hope they can investigate this, because the hackers will do it again. If they can log in coinbase for me, they can do it again and again. When you google "coinbase phone number", their number is still showing up.
--------------------------------------------------------------
Below is my communication with coinbase through email:
Coinbase: The transaction is not reversible
Me: Why can the hacker help me login
Coinbase: We had no reason to distrust this activity as your IP, your computer, your password, your 2-fa phone codes and your e-mail were used to access the account and send the transaction.
Me: Ok, why I can not login myself over the past two years
Coinbase: To login to your account, you need access to your password, your phone code and your e-mail to confirm the session. These 3 security protections are required to login.
Me: Of course I had all these… had to repeat my story again.
Coinbase: My records show we sent e-mails titled “New Device Confirmation” on 4 login attempts in October 2017. We deliver an email that must be clicked from the same device/browser/IP that you are using to login. If you click the email link from a different computer, you will receive a verification error.
Me: Of course, I clicked the email link from the SAME computer EACH time!!
Coinbase: There are no login restrictions on your account. As I have mentioned previously, your password, your 2-fa code and your e-mail are required to login. If you properly click the email link you successfully login. There are no other requirements to login and we do not prevent you from accessing your account when you have these 3 security credentials.
Me: How hard can it be to “properly click the email”?
Coinbase: There are no login restrictions to your account. All logins require password, 2-fa and email confirmation.
