this happens to people that store their cryptocurrency on services with sms-based 2fa.
any service that uses sms-based 2fa without any other option like client side generated one time passcodes (otp) should be sued for negligence at this point. the otp should be the default choice.
people are currently masquerading incompetence as an indictment to cryptocurrencies as a concept. this is allowing negligent, incompetent businesses to get a free pass, because the people that should be in charge of protecting consumers are thinking the cryptocurrency itself is insecure or "got hacked" which so far isn't what is happening.
(with regard to storing cryptocurrency on someone else's server, yeah those users are being negligent too.)
My personal peeve is various services that offer MFA, but very quietly still offer SMS-based 2FA as a backup that is nearly impossible to turn off. If you set up MFA, be absolutely sure that recovery is only done through one-time codes and the service doesn't automatically fall back on SMS.
any service that uses sms-based 2fa without any other option like client side generated one time passcodes (otp) should be sued for negligence at this point. the otp should be the default choice.
people are currently masquerading incompetence as an indictment to cryptocurrencies as a concept. this is allowing negligent, incompetent businesses to get a free pass, because the people that should be in charge of protecting consumers are thinking the cryptocurrency itself is insecure or "got hacked" which so far isn't what is happening.
(with regard to storing cryptocurrency on someone else's server, yeah those users are being negligent too.)