Steemit, the blockchain-powered social network, was the victim of a cyber-attack which resulted in around $85,000 worth of Steem Dollars and Steem being stolen from approximately 260 accounts. The hack is apparently now contained and user accounts and wallets are not at risk. Any users whose accounts were compromised will be completely reimbursed.
Ned Scott, Steemit CEO, commented: “Though only a relatively small amount of Steem was stolen, we take any form of criminal activity against our community extremely seriously. We have reported the hack to police and other cybercrime authorities, including the FBI. A full, internal investigation is currently being conducted and we are working on an immediate solution.”
Bittrex, Steemit’s partner exchange, was informed of the compromise and took an active role in helping the investigation. As a precaution, they have temporarily suspended the ability to deposit or withdrawal Steem and Steem Dollars from their exchange until completing an analysis of the wallet. Once it has passed their compliance checks, they will reopen the wallet for deposits and withdrawals.
After conducting further analysis and following hack containment procedures, Steemit has been able to narrow the potential number of compromised accounts. In the past few hours, the Steemit team has been able to coordinate with elected witnesses to secure potentially compromised accounts with balances exceeding $100 US. As a result these accounts have been restored to their rightful owners.
Within the next 48 hours, Steemit will begin to allow all newly secured accounts to reset their passwords by logging in with the same Facebook or Reddit credentials that were used to register in the first place. This process is expected to work for the vast majority of the potentially compromised accounts. All of these account holders will regain full access to their funds and their original account name. the Steemit team has urged users to reset their account passwords to ensure that everyone’s account is secure.