SDC Rewards Member
Upgrade yours now
.png){kind=icon}
One woman's life was RUINED by 24 words - this could happen to YOU too
We often talk about how important it is to be careful with our personal information online, but sometimes even being offline isn't enough to keep us safe.
This was the harsh reality for one Queensland woman who recently lost her cryptocurrency fortune - not once, not twice, but THREE times.
Shirley (not her real name), a full-time carer in her 50s from North Queensland, first invested money in Bitcoin back in 2017 through the New Zealand-based exchange Cryptopia.
Cryptocurrency is a type of digital currency that uses computer codes to secure transactions. Since its start in 2009 with Bitcoin, the technology has only grown and diversified. There are around 10,000 kinds of cryptocurrencies as of 2022.
‘I was putting away a little bit of money each week,’ she said of her cryptocurrency investments.
Aussies have lost $242 million to investment and cryptocurrency scams this year. Credit: Pexels/Sora Shimazaki
Unfortunately for her, just two years later in 2019, hackers stole around $24 million worth of the exchange's $250 million cryptocurrencies in what has been described as one of New Zealand's biggest thefts ever.
Earlier this year the firm went into liquidation and creditors like Shirley aren't expected to recover anything at all. She estimates her losses from the failed investment range from $30,000 - $50,000.
She then tried her luck with another cryptocurrency called Ripple XRP.
‘My faith is shattered… (but) I still have faith in Ripple. It’s not what it’s worth now, what I believe it’s worth in the future.’
This time, Shirley decided to use a 'cold' wallet - a secure offline way to store savings that doesn't connect to any online network and so shouldn't be able to be hacked - for her next investments.
But despite taking this extra security measure, both her accounts were compromised in different ways within just a few months.
Her latest ordeal began when she bought two of the said wallets, also called ‘hard’ wallets, from French company Ledger, which came with 24-word passphrases and physical USB contraptions earlier this year.
Shirley lost thousands of dollars in one fell swoop. Credit:news.com.au
But luck seemed to be in short supply for Shirley as last month, she discovered she no longer had access to one of her accounts while trying to make a new deposit.
‘One day I tried to make a deposit as always, and I couldn’t. And it was telling me my recovery phrase wasn’t correct,’ she said.
As any sane person would do, she contacted Ledger's support team for help.
After getting nowhere with Ledger’s customer service, she took to Twitter where Ledger's Chief Information Security Officer (CISO) Matt Johnson offered his support and provided her with a link that would supposedly update her Ledger app so she could regain access.
Probably feeling relief at some sort of progress, Shirley clicked the link, found herself on Ledger’s website, and inputted her details.
And so, she lost $14,000.
It turns out, the alleged officer who responded to Shirley was fake! Almost immediately, her stored cryptocurrency was transferred to another cryptocurrency exchange called KuCoin.
‘I just can’t believe I’m even in this situation,’ she said of her predicament.
Thankfully, KuCoin froze the transaction from her account when she reported it to them. She has also filed a report with Queensland Police.
Despite reaching KuCoin through the police, her cryptocurrency remains unreachable.
Meanwhile, Ledger and KuCoin have yet to address the matter.
Where could Shirley have gone wrong?
KuCoin froze the transaction from Shirley’s account when she reported it. Credit: news.com.au
A previous article featuring the real Ledger CISO Matt Johnson offered a bit of insight on the importance of 24-word passphrases, which hackers might have gained access to through scouring potential targets’ information stored online in emails or cloud storage services.
He explained: ‘The 24 words derive a combination which provides you with your private key. It stores the key in a very secure fashion, keeps it isolated from the internet…If somebody else can get those 24 words, they don’t need the pin.’
‘You never, ever, ever share them, never put it in a place where it could be discovered or seen.’
According to the Australian Competition and Consumer Commission’s Scamwatch, Aussies have lost $242 million to various scams — including investment and cryptocurrency — so far this year, with seniors aged 55-64 reflecting the majority of those targeted.
While we wish Shirley well, let’s also take the opportunity to be extra vigilant in today’s times when sadly, there are people who wish to take advantage of those of us who remain none the wiser.
If you have time, please check out these anti-fraudster tips (as well as multi-factor authentication) we’ve shared before to scam-proof yourself.
We also encourage those who have gone through similar experiences — no matter the amount of money involved — to please contact authorities immediately.
And if you don’t, has this story made you feel any different about this still-changing form of online currency?
Do share your thoughts and opinions below!
Source: YouTube/FOX 13 Seattle
nope ...no and definitely not. It's scary enough using netbank
