I lost north of $100,000 last Wednesday. It evaporated over a 24-hour time span in a “SIM port attack” that drained my Coinbase account. It has been four days since the incident and I’m gutted. I have zero appetite; my sleep is restless; I am awash in feelings of anxiety, remorse, and embarrassment.

This was the single most expensive lesson of my life and I want to share my experience + lessons learned with as many people as possible. My goal is to increase awareness about these types of attacks and to motivate you to increase the security of your online identity.

This is still very raw (I haven’t even told my family yet); please reserve judgment with regards to the naive security practices laid out in this post.

Details Of The Attack

You might be asking yourself, what exactly is a “SIM port attack”? In order to describe the attack, let’s examine a typical online identity. The diagram below should look familiar to most people.