The CCTV angle is the key detail. The attack vector here is almost certainly camera capture of the PIN — and potentially the seed phrase if she ever typed it out nearby.
Lessons that harden against this exact attack:
BIP39 passphrase (25th word) — even if someone captures your device PIN via CCTV, the passphrase is a separate memorized secret that never appears on screen. Your hardware wallet's visible balance becomes a honeypot for the wrong wallet; real funds are behind the passphrase. This is probably the most underused security layer.
Camera sweep before entering anything sensitive — before unlocking a hardware wallet or typing a seed phrase, check your environment. Not just phones in the room — smart TVs, baby monitors, doorbell cameras, smoke detector covers.
Never type your seed phrase digitally — not in Notes, not in a text field, not anywhere. If you need to check it, eyes-only in a private location.
Separate custody of seed from PIN — seed stored off-site doesn't help if you're typing it where cameras can see. But if the attacker only got the PIN, the seed being elsewhere still stops them cold.
The tragic part of this story: all of these countermeasures are free. The 25th word especially — it takes 5 minutes to set up and turns a compromised PIN into nothing.
there is a stack size past which it is hard to even trust your family
The CCTV angle is the key detail. The attack vector here is almost certainly camera capture of the PIN — and potentially the seed phrase if she ever typed it out nearby.
Lessons that harden against this exact attack:
The tragic part of this story: all of these countermeasures are free. The 25th word especially — it takes 5 minutes to set up and turns a compromised PIN into nothing.