BitcoinBlogExchangesWallets

After $5M Hack, Bitstamp Shutdown, in Crisis Mode

The news induced a shudder across the bitcoin ecosystem. Yesterday, one of the biggest bitcoin exchanges Bitstamp announced that its services were temporarily suspended due to a security issue.

Apparently, Bitstamp’s hot wallet services were hacked.

The exchange issued a the following statement slightly after midnight UTC on January 6th.

We have temporarily suspended Bitstamp services. Bitstamp customers can rest assured that their bitcoins held with us prior to temporary suspension of services on January 5th (at 9am UTC) are completely safe and will be honored in full.

On January 4th, some of Bitstamp’s operational wallets were compromised, resulting in a loss of less than 19,000 BTC. Upon learning of the breach, we immediately notified all customers that they should no longer make deposits to previously issued bitcoin deposit addresses. To repeat, customers should NOT make any deposits to previously issued bitcoin deposit addresses. As an additional security measure, we suspended our systems while we fully investigate the incident and actively engage with law enforcement officials.

This breach represents a small fraction of Bitstamp’s total bitcoin reserves, the overwhelming majority of which are held in secure offline cold storage systems. We would like to reassure all Bitstamp customers that their balances held prior to our temporary suspension of services will not be affected and will be honored in full.

Bitstamp’s first notice on Twitter appeared after 2 am UTC on January 5th.

This was followed by a series of anxious tweets from Bitstamp CEO Nejc Kodrič …

As Bitstamp user posted on Reddit problems making a deposit at around 3 am UTC.

A few hours ago I made 2 deposits to Bitstamp. After lagging 7 confirmations behind on the blockchain, they each disappeared from the incoming transactions list WITHOUT updating my balance, which still sits at zero bitcoins. No transfers or sales have been made under the account and there is no indication that it’s been compromised. Bitstamp haven’t contacted me. Coins from one of the deposits has already been transferred to address https://blockchain.info/address/1JoktQJhCzuCQkt3GnQ8Xddcq4mUgNyXEa[1] which I assume belongs to Bitstamp. I’ve contacted support.

Kodrič’s tweet at around 4 am UTC reveals his concern about the attack.

Around 6 am UTC

To be fair, Kodrič makes an effort to reassure the exchange’s customers.

Some users on social media believe that Bitstamp acted quickly, alerted customers, and shut down services. Based on the timeline though, Bitstamp management suspended operations seven or more hours after they first publicized the security breach.

The exchange noted that the amount lost represented a small portion of its reserves. but, if that number is as high as 19,000 BTC, that is no small change – valued currently at around US$5.2 million.

There is a lot of speculation that Bitstamp was a victim of a random number generator (RNG) attack. A weak or false RNG makes it easier for a hacker to detect a pattern and hack into a wallet. The hack will do some damage to Bitstamp’s reputation, particulary as almost 32 hours later the exchange is still down.

Journalist, policy analyst, and evangelist of new, disruptive technologies including big data analytics, Internet of Things, and cryptocurrencies. Internet industry veteran with regional c-suite experience, and journalist credentials earned at internet.com, Internet World magazine, and Mecklermedia Corporation.
Free AllCoinsNews Email Updates
Get the latest cryptotoken market news and blockchain developments!
We respect your privacy.