Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - MtGox.com Bitcoin trading site compromised (mtgox.com) 3

Beardydog writes: Bitcoin trading site MtGox.com has suspended operations for the rest of the day after illicit access to at least one account resulted in a steep drop in the price of Bitcoins on the site. Commenters to the support page for the event are reporting that a list of usernames and associated email addresses and password hashes have been posted online. MtGox are currently planning to roll back all of the day's trading, email notices to all affected users, and require replacement passwords for affected accounts.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

MtGox.com Bitcoin trading site compromised

Comments Filter:
  • by Tolkien ( 664315 ) on Sunday June 19, 2011 @05:20PM (#36493304) Journal

    Dear Mt.Gox user,

    Our database has been compromised, including your email. We are working on a quick resolution and to begin with, your password has been disabled as a security measure (and you will need to reset it to login again on Mt.Gox).

    If you were using the same password on Mt.Gox and other places (email, etc), you should change this password as soon as possible.

    For more details, please see this:

    https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback [mtgox.com]

    The informations there will be updated as our investigation progresses.

    Please accept our apologies for the troubles caused, and be certain we will do everything we can to keep the funds entrusted with us as secure as possible.

    The leaked data includes the following:

    - Account number
    - Account login
    - Email address
    - Encrypted password

    While the password is encrypted, it is possible to bruteforce most passwords with time, and it is likely bad people are working on this right now.

    Any unauthorized access done to any account you own (email, mtgox, etc) should be reported to the appropriate authorities in your country.

    Thanks, The Mt.Gox team

  • by eparker05 ( 1738842 ) on Sunday June 19, 2011 @06:18PM (#36493596)

    The Bitcoin protocol is secure, period. On the other hand, Bitcoin trading sites, pooled mining sites, and the dang computer on which you run bitcoin are not secure. Like cash, once stolen it is irrevocable and very difficult to track. These facts lead to a high incentive to hack your computer. Never before has hacking a computer lead so directly to somebody else's wealth.

    If bitcoins were regulated like USD, any trading service would have a full time security team maintaining and securing the system. Hacks of this magnitude would be much more rare, and much less damaging.

    Oh well, this will be interesting to watch unfold.

Things equal to nothing else are equal to each other.