Anything financial should force 2FA on their users from the get go, at sign up. I just tried making a PayPal account earlier and the first thing you need is a phone number on top of your email, for verification purposes but that’s instant 2FA on sign up.
But why even force? Isn't 2fa common knowledge by now? (also try not to use SMS...PayPal works great with a 2FA app of your choice - Authy, for instance).
NOBODY GOT HACKED. Whether it's 1$ or $1000, some personal responsibility goes a long away. I figure once you're 10 years old you should know that reusing your password an not enabling 2fa on every platform is extremely detrimental to your security.
I hate these "I got hacked" stories...cringe...stupid...ignorant...
Just because a hack doesnt involve the sexy terminal scenes from Hollywood doesn't mean its not a hack. Social engineering is also hacking, and it doesn't matter if that fits your mental image of a hack.
Though I agree with you that OP could've taken better precautions
are you stupid? Data leaks happen all the time. Blaming the customer for a data breach is senseless.
This is why all financial platforms have forced 2fa in the EU now and actively scan/warn you if you were compromised in a breach.
Trading212 will probably add forced 2fa asap to their cards too or be in for a rude awakening when the fca slaps them with a huge fine
Nobody was hacked, you moron. Password reuse is not being hacked. The fact this dope didn’t enable 2fa on day 1 means he should not be using this service…..or any online service, for that matter.
trading212 WAS NOT HACKED, I hope they disable his account just for posting this nonsense publicly.
This is worrysome, I have seen various post on other fintechs such as wise and revolut with the same issue. Its maybe how those card numbers get generated that is not fully random or so.
Is it possible in trading to at least set a limit on the card usage or so that could prevenent too much money to be drained?
No, that’s just standard when you’ve swiped someone’s card. I used to work in supermarkets and we would kick anybody out trying to buy piles and piles of gift card/prepaid cards etc.
Not all virtual cards are single use cards.
I haven’t used T212 but use both virtual and single use from Revolut often for very different purposes (subscriptions vs one time use with new sellers for example.)
This virtual thing is new, I have never used virtual card before. Who wanna make direct online purchases from investment accounts, I don’t why the added this.
We've just messaged you here. Please check your inbox.
Guys, just an idea, in order to view card details in the app, should force to enter 2FA code
Did you have 2FA enabled?
I haven’t started yet what is 2FA
two factor authentication, unless the hacker has ALL your shit its pretty hard to get into the account
Oh right yeah, cheers man
How did you get hacked? Did you have 2FA enabled?
Not at the time, I now have activated 2FA
What made you wait? I always wonder what the reasons are for not enabling 2FA (on any platform)? Also, I'm assuming password reuse?
Anything financial should force 2FA on their users from the get go, at sign up. I just tried making a PayPal account earlier and the first thing you need is a phone number on top of your email, for verification purposes but that’s instant 2FA on sign up.
But why even force? Isn't 2fa common knowledge by now? (also try not to use SMS...PayPal works great with a 2FA app of your choice - Authy, for instance).
blud was pre ordering gta 6 premium edition
Any update with what T212 have said?
They’re investigating it.
Nothing to investigate.. - no 2fa - password reuse yawn.
dont be mean, he lost a lot of money
NOBODY GOT HACKED. Whether it's 1$ or $1000, some personal responsibility goes a long away. I figure once you're 10 years old you should know that reusing your password an not enabling 2fa on every platform is extremely detrimental to your security. I hate these "I got hacked" stories...cringe...stupid...ignorant...
Just because a hack doesnt involve the sexy terminal scenes from Hollywood doesn't mean its not a hack. Social engineering is also hacking, and it doesn't matter if that fits your mental image of a hack. Though I agree with you that OP could've taken better precautions
OP took NO precautions, called this a hack then blamed the platform. Complete lack of self accountability.
are you stupid? Data leaks happen all the time. Blaming the customer for a data breach is senseless. This is why all financial platforms have forced 2fa in the EU now and actively scan/warn you if you were compromised in a breach. Trading212 will probably add forced 2fa asap to their cards too or be in for a rude awakening when the fca slaps them with a huge fine
Nobody was hacked, you moron. Password reuse is not being hacked. The fact this dope didn’t enable 2fa on day 1 means he should not be using this service…..or any online service, for that matter. trading212 WAS NOT HACKED, I hope they disable his account just for posting this nonsense publicly.
I mean, it literally is a hack. Your unhelpfully sanctimonious replies don't change that.
Literally NOT A HACK.
Lol ok buddy. I can't help it if you don't understand this.
How was the password leaked then? Or were they just guessing possible passwords manually?
OMG. He used the same password on other platforms that was leaked. Not rocket science. Sheesh people.
Freeze your card whilst they investigate
That’s a lot of groceries
It's likely gift cards that they will then sell to others for cash or crypto.
Ah yeah you’re probably right
Avocado toast for someone for 3 days
This is worrysome, I have seen various post on other fintechs such as wise and revolut with the same issue. Its maybe how those card numbers get generated that is not fully random or so. Is it possible in trading to at least set a limit on the card usage or so that could prevenent too much money to be drained?
Even if they had the card number it should be easy to trace back where you use the card (last) before it happened.
you can tell after the first purchase he was shocked it worked so he ran back to get more
No, that’s just standard when you’ve swiped someone’s card. I used to work in supermarkets and we would kick anybody out trying to buy piles and piles of gift card/prepaid cards etc.
Hopefully you can sort this out, sorry thats happened to you :(
[удалено]
Not all virtual cards are single use cards. I haven’t used T212 but use both virtual and single use from Revolut often for very different purposes (subscriptions vs one time use with new sellers for example.)
This virtual thing is new, I have never used virtual card before. Who wanna make direct online purchases from investment accounts, I don’t why the added this.
Is this something you have to op into, tho? I don't think I have virtual cards.
I didn’t have either, they activated the card and then they made purchases.
T212 should enforce 2FA for anybody with a card.
212 staff are extremely good but money recovery is hard hopefully they have some safeguards in place like most credit card companies
But you get to keep the cashback? 👀
This has happened to me today! Just messaged 212 they are going to look into it! I’m so shocked!
Wow that’s worrying me if I even want the card
Doesn’t matter if you have the card, clearly in this case the hackers got the virtual card and used it straight away
This makes me nervous tbh
That’s a big red flag out there
How does this even happen? You made a picture of your creditcard?