Hacker News new | comments | ask | show | jobs | submit login
Bitstamp Accounts Frozen
190 points by TwoFactor on Jan 5, 2015 | hide | past | web | favorite | 107 comments
All customers should have received the following email. For some reason its not posted on their website.

-----

Dear customer,

Today our transaction processing server detected problems with our hot wallet and stopped processing withdrawals.

You should STOP SENDING bitcoin deposits to your Bitstamp account IMMEDIATELY as private keys of your deposit address may be lost.

Your bitcoins already deposited with us are stored in a cold wallet and can not be affected.

We will send you more info as soon as possible.

Best regards,

Bitstamp team




https://Bitstamp.net is now showing this message

Bitstamp Service Temporarily Suspended

We have reason to believe that one of Bitstamp’s operational wallets was compromised on January 4th, 2015.

As a security precaution against compromises Bitstamp only maintains a small fraction of customer bitcoins in online systems. Bitstamp maintains more than enough offline reserves to cover the compromised bitcoins.

IN THE MEANTIME, PLEASE DO NOT MAKE DEPOSITS TO PREVIOUSLY ISSUED BITCOIN DEPOSIT ADDRESSES. THEY CANNOT BE HONORED!

Customer deposits made prior to January 5th, 2015 9:00 UTC are fully covered by Bitstamp’s reserves. Deposits made to newly issued addresses provided after January 5th, 2015 9:00 UTC can be honored.

Bitstamp takes our security and soundness very seriously. In an excess of caution, we are suspending service as we continue to investigate. We will return to service and amend our security measures as appropriate.

Bitstamp Team



"IN THE MEANTIME, PLEASE DO NOT MAKE DEPOSITS TO PREVIOUSLY ISSUED BITCOIN DEPOSIT ADDRESSES. THEY CANNOT BE HONORED!"

Shouldn't deposits go directly to cold storage addresses for exactly this reason, and in case someone makes a large deposit that exceeds their desired hot/cold wallet ratio?


Each user needs their own deposit address, for bookkeeping. If the cold storage is really offline, you'd have to manually create a new address for each new user.


"Hierarchical deterministic wallets" (BIP0032) support parallel generation of public and private keys on different systems.

The bookkeeping system can generate an unlimited number of addresses from the public "seed" that corresponds to the private keys that will eventually be generated using the private key seed stored in the cold wallet.

However, I didn't consider that the hot wallet needs to be replenished as people withdrawal, which would require a steady flow of bitcoins from cold to hot storage. I think it would make sense to have a "warm" wallet for all deposits, then immediately send deposits to hot or cold wallets depending on withdrawal demand.


Anything which can automatically send to somewhere else is a hot wallet. No number of staging wallets inbetween makes it "cold".


Hence why I called it a "warm" wallet. It would online but isolated from other systems.


This sort of bad PR for Bitcoin and crypto in general could all be avoided if decentralized exchanges became a bit more fashionable.

I posted a link to http://bitshares.org earlier but now realise that there isn't that much information immediately obvious there on how the decentralised BitShares exchange works.

This episode from BitShares.tv provides a bit more information than the homepage on the main website:

https://www.youtube.com/watch?v=TtCVRIwcBYU&index=1&list=PLj...

Check it out if you're looking for a solution that avoids the risks associated with deposting to a centralized exchange such as Mt. Gox or Bitstamp.


This is strange. There's still nothing about this on their web site.

It's very suspicious when a Bitcoin exchange claims problems on the deposit side and stops processing withdrawals. Nobody trusts a Bitcoin exchange in trouble, with good reason given the history. On the other hand, it's 6:30 AM in London, where Bitstamp is, and their staff is probably not in yet. Bitstamp is still processing trades; they haven't shut down their trading engine.

Most merchants who accept Bitcoin do so through Coinbase, which sells on Bitstamp. Coinbase only holds a working float of Bitcoins. When Coinbase can't unload incoming Bitcoins, they start refusing transactions. So most Bitcoin e-commerce will stop within hours if this isn't fixed rapidly.

On top of that, Bitcoin, after being stable around $315-$320 or so for weeks, suddenly dropped to a low of $255 in the last 48 hours. Right now, it's around $270. Something is going on.


Who really knows what is going on at this point?

On top of that, Bitcoin, after being stable around $315-$320 or so for weeks, suddenly dropped to a low of $255 in the last 48 hours. Right now, it's around $270. Something is going on.

Stable for weeks is probably over stating it, looking at the chart it looks like almost exactly two weeks it was in that range, so technically it was weeks, but I wouldn't be quick to draw a direct connection between that recent price decline and this unfolding event, as the dominant pattern for the past 6 months or so has been a week or two of relative stability followed by a rapid decline.

[speculation] If this is a gox-esque scenario, there could be a connection with the recent price decline in that the price decline is what is causing them trouble and not a technical issue.


> It's very suspicious when a Bitcoin exchange claims problems on the deposit side and stops processing withdrawals.

I believe the problem is the following: if you deposit to a certain, old deposit address, that Bistamp has lost the private key to, the Bitstamp deposit system might credit your account with the bitcoins anyway, even though they are not there, because the private key is lost.

If you then withdraw bitcoins subsequently, you are literally withdrawing someone else's bitcoins, because the bitcoins you deposited never arrived, although the Bitstamp software architecture believes they are there, because the deposit address reflects a deposit -- Bitstamp just doesn't have the private key, so the balance of that address is irrelevant.

That's one meaningful explanation, at least.


> This is strange.

It is indeed strange...and strangely familiar. Every Bitcoin company that has had massive holes in its books has first claimed that technical difficulties were the reason they had to suspend withdrawals. Then over the following weeks comes the annoucement that the money has been stolen, lost, or law enforcement moves in and says it has been embezzled.

I would be extremely uncomfortable at the moment if I had money in Bitstamp. If withdrawal capability does come back online, try to get your money out ASAP.


Bitstamp has a blog, a web site, a Facebook page, and a Twitter feed. None of these have any mention of problems.

There's a report on Reddit that withdrawals stopped 16 hours ago: http://www.reddit.com/r/Bitcoin/comments/2rayix/bitstamp_bit...

Yet no official comments from Bitstamp. Just a strange email, possibly forged. That's a very bad sign.

"It is indeed strange...and strangely familiar."

Right. This is a pattern we've seen so many times before in the Bitcoin world.

"If withdrawal capability does come back online, try to get your money out ASAP."

Yes. Definitely.


When logged in on the balance page it says: "DO NOT DEPOSIT TO PREVIOUSLY PROVIDED BITCOIN DEPOSIT ADDRESSES. Deposits sent to previous address will not be honored. New deposit addresses are forthcoming.".


::sigh:: This is one of the reasons that Bitcoin core discourages address reuse.


It looks like they use a specific/unique deposit address for each user. Where exactly is the address reuse in this case that you mention?


I think he means you use a new address for each deposit.


How is this supposed to work in the real world? Imagine if you had to mail the payment for your electric bill to a different address every month.


The site gives you a new address for each deposit. You are not going to remember the address anyway. So it doesn't matter if it changes.


More generally, though. "Bitcoin core discourages address reuse." I work for the company of the future and I get paid in bitcoins. I'm supposed to log into the payroll system and enter a new address every two weeks?


There are two similar methods for generating addresses for a recipient.

Hierarchical deterministic wallets (HD wallets, BIP 32): https://github.com/bitcoin/bips/blob/master/bip-0032.mediawi...

Stealth addresses: http://sx.dyne.org/stealth.html

The former is more broadly supported.


Thanks. That's interesting, though I have to admit I'm not excited about the prospect of using it.


If you trust the other party, you don't have to clear the transaction through the block chain.

You could also just log in and supervise two automated systems interacting, rather than entering numbers.

(Mind you, I don't believe in the glorious future of bitcoin, but any wider usage will certainly be accompanied by better UX)


Thats a pretty fundamental confusion, but it's forgivable due to bad naming.

An address isn't a destination in Bitcoin, it functions more like the serial number of a bill (though the system is able to handle duplication). It would be better thought of as an invoice number.

You don't expect to reuse a different invoice number of separate payments.


I believe the "Payment Protocol" is supposed to help solve this. Look up BIP 0070 if you're interesdted.


If the analogy is accurate, then the pre-addressed envelope that comes with your bill already has the unique address on it, so you don't have to do anything special. What's the problem?


Ah, good point. I said electric bill, but was mentally focusing on the few checks I still hand address, for which I don't necessarily receive monthly bills (rent, etc.).


For that scenario, you'd presumably have some system worked out where you can quickly say, "hey, what's the address for this payment?" And being on the internet instead of going through the mail, you don't have to wait a week for the answer.


Well, at least they're doing that. But there's still no explanation on their site, blog, Twitter, or Facebook, and it's after 8 AM on Monday in London.

Expect this to start hitting the financial press in London in the next hour or two.


I think you overestimate Bitcoin's media profile. FT Alphaville is just mentioning yesterday's crash. Apart from that, only the Bitcoin press and fragments of the tech press (Wired, TechCrunch) have mentioned Bitstamp.

edit: whoops, added to the FT Alphaville article! http://ftalphaville.ft.com/2015/01/05/2079012/who-needs-cave... Come in via Google News for full text. They're using it as one example in a piece on how Bitcoin's infrastructures and the community's ability to assess expertise are not very good.


I think you overestimate Bitcoin's media profile.

Two days later, it's in the Economist, Wall Street Journal, USA Today, etc.

Mt. Gox underestimated Bitcoin's media profile. When they went down, they acted as if the event would mostly be ignored and they could quietly get away with it. Instead, they got coverage in just about major business newspaper worldwide: WSJ, NYT, Forbes, South China Morning Post, China Daily, even al-Jazeera and Russia Today.

Bitstamp seems to be dead. They said they'd be down for "24-48 hours". Two days later they're still down. They haven't issued any new statements. There's a good chance they're in "take the money and run" mode.


Evidently I underestimated it.

It's pretty clear Bitstamp is buggered.

Wonder what Bitpay are going to do, since their "aggregate price" turns out to have long closely tracked ... Bitstamp. How in the bag are they? Did they in fact cash out daily?


> try to get your money out ASAP.

This is probably what a lot of people will try to do, which will lead to further drops in price.

I wouldn't be surprised to see prices break the 1y low at this point.


"I wouldn't be surprised to see prices break the 1y low at this point."

Already happened. Yesterday.

Bitstamp now has a huge PR problem. Even if they "fix" the problem and resume withdrawals, no one will believe they're solvent without an outside audit. They had a sort-of audit once before (Bitcoins only, not fiat), but now customers will want a full audit.


This is obviously bad - and certainly suspicious... but the lack of withdrawals given the situation is just sensible.

Withdrawals will require movement from cold storage - am I right? Well - if you've got a security problem with your hot wallet, then this would be a ridiculously stupid thing to enable.


Most merchants who accept Bitcoin do so through Coinbase, which sells on Bitstamp. Coinbase only holds a working float of Bitcoins. When Coinbase can't unload incoming Bitcoins, they start refusing transactions. So most Bitcoin e-commerce will stop within hours if this isn't fixed rapidly.

Most? Source? Bitpay seems to be bigger than Coinbase

And wouldn't Coinbase just sell somewhere else, instead of shutting down their entire business?

Your claim that most Bitcoin e-commerce will stop within hours seems implausible


http://www.coindesk.com/bitcoin-ecosystem-feels-far-reaching...

"From payment processors serving billion-dollar merchants to bitcoin ATMs and advanced trading platforms, Bitstamp's stoppage caused quoted prices in bitcoin to become inaccurate, some products to be suspended and select services to be retailored in light of the interruption."

It turns out that BitPay got their pricing from Bitstamp. Robocoin also used mostly Bitstamp, and had to switch exchanges.


This is tiresome. This event is obviously disastrous for Bitstamp and bad for Bitcoin, I was just politely calling you out for making a hasty and alarmist prediction that was full of poorly-founded conjecture and misinformation.

If you had just said something like "I think this is probably going to cause a lot of problems for the Bitcoin eco-system..." that would have been a reasonable guess. The article you linked to actually shows that, but it does not show the effect that you predicted. It does not show "most Bitcoin e-commerce" stopping.


"Coinbase, which sells on Bitstamp"

Not exclusively. Coinbase also sells (and buys) bitcoins directly to consumers. In fact, Coinbase is probably the biggest seller of bitcoins in the US (or second biggest after Circle.com - none of these companies publish volume numbers due to competitive reasons).

"Something is going on."

What is going on is very simple: customers of Bitstamp see that bitcoin withdrawals are halted. So the only way to get money out of the exchange is to sell coins and withdraw fiat. This selling activity is what is causing the price to crash. This always happens whenever an exchange halts bitcoin withdrawals (eg. see MtGox's demise in early 2014).

Edit: @TylerE: some customers usually learn about news before others: friends of employees, or even simply the first affected customers (before a public statement is made... remember: rumors spread fast). Again, the same scenario happened with MtGox: the exchange rate started crashing on MtGox a few days before the public news of their insolvency came out. I have been trading BTC for 4 years. I have seen how most of these scenarios play out in the Bitcoin world.


The crash was 12 hrs before anything happened at Bitstamp.


12 hrs before __you__ knew anything happened at Bitstamp.


The smart money always leaves before the price goes down.

The dumb money always leaves after the prices has gone down.

If you don't know who the dumb one is, it is you.


Bitcoin exchanges actually can't stop people from sending them new Bitcoin deposits because the Bitcoin protocol doesn't provide any way to block new transactions to their existing deposit addresses. About the best they can do is to send out an e-mail like this one.


Even worse, some people used to (don't know if many still do) set up a payout address on whatever mining pool they're using directly to an address on an exchange. Ouch.


In all fairness every exchange ever that I've come across always quite explicitly says 'don't ever do that'.


If their hot wallet is out of commission, they have nowhere to send withdrawals from, so it makes sense from that angle.

They're definitely communicating poorly, though.


Andreessen said on Twitter earlier today that he thinks the BTC price drop is due to inefficient miners selling BTC to fund OPEX and keep operations going. This activity is seen in the hash rate.


I think (NO EVIDENCE!) that people using BTC over Christmas and in the sales is likely to be a factor in driving the price down. Retailers immediately exchange the coins for $$ to avoid the risk of holding them, so this is a substantial liquidity call on the currency.


Until there is a bank that can credibly hold onto BitCoin deposits, these sorts of things are going to hinder further the viability and credibility of BitCoin as a mechanism of transaction (Mt Gox seems to have done a ton of damage). As of right now, it seems it's very hard for BTC to be stored safely at a stable price, and keeping your money in a world currency seems like a better investment, for now. I know my sentiments are going to be unpopular with some BTC champions, but as an observer with no BTC, I am wary of using BTC. Just my .02 BTC.


Agree. Other, somewhat similar problem, is that it is actually hard to buy bitcoin. I don't feel like sending a copy of my ID to some exchange (which can be gone in a year or two). I wouldn't mind sending it to some established financial institution (HSBC, Barclays, whatever). But not some company which just popped up.


I think a tweet from a few years ago sums up the situation (at least in terms of "conventional wisdom"):

   You know what’s cooler than a million dollars?
   Virtual currency backed by nothing and nobody.
   @ReformedBroker
The only reason BitCoin exists is because of all the problems with existing currencies and payment mechanisms. It solves a lot of those problems, but creates new problems of its own.


>"The only reason BitCoin exists is because of all the problems with existing currencies and payment mechanisms. It solves a lot of those problems,"

What problems would that be?


There are all kinds of problems with existing currencies.

Ask a Russian if they're feeling good about the recent fluctuations in the value of the ruble. It's telling that some Russians consider Bitcoin to be more stable than their national currency!

Ask an Argentinian if they're happy with the currency controls their government has imposed on them.[1]:

   –In the U.S., bitcoin payment processors generally
   find merchants want them to immediately convert
   their bitcoins into dollars.

   In Argentina, the exact opposite occurs.
   Firms such as San Francisco-based BitPagos
   will take the dollars received by tourism
   industry clients in Buenos Aires and deliver
   them bitcoins in return.

   That their clients are opting for this says
   much about Argentina’s dysfunctional financial
   system and bitcoin’s potential to provide an
   escape route for citizens of countries with
   strict currency controls.
Those are just two quick examples.

[1] http://blogs.wsj.com/moneybeat/2014/06/25/bitbeat-why-bitcoi...


Hard (impossible?) to transfer money on weekends for example ?


http://en.wikipedia.org/wiki/Faster_Payments_Service / http://www.fasterpayments.org.uk/about-us/benefits-faster-pa... : 24/7 accessible from internet banking in the UK.

(US banking is technologically backwards even by the normal low standards of the banking industry, partly due to less aggressive pro-consumer regulatory coordination)


Interesting, however in Sweden I recently had to wait six(!) days for a transfer occuring during christmas + normal weekend. It would have been faster do post a letter with the money :P


Instantly transferring money around the world with near zero fees is a great example.


Since you appear to be struggling with the basic concept of bitcoin, here's the first phrase from Bitcoin.org for you:

    Bitcoin uses peer-to-peer technology
    to operate with no central authority or banks


Most Bitcoin users struggle with the basic concept of Bitcoin then. While you can "be your own bank", most coins (no reference, just surmising) are in exchanges rather than wallets owned by the end user. So despite the marketing copy, there's a ton of Bitcoin stored in what are essentially "banks".


> most coins (no reference, just surmising) are in exchanges rather than wallets owned by the end user.

Are you saying there are 7+ million BTC stored on exchanges? I disagree based on two data points: Bistamp's reserves were 180K in November 2013 and MtGox's were 850K (with 650K of them missing) at the time of its death.

Even if you add BTC-E, Chinese exchanges, Coinbase and LocalBitcoins, it most likely won't exceed 2-3 million which means the remaining 80% is owned by end users directly.


Honestly, I don't know. I'm thinking mostly of "active" coins, not those that haven't moved in years. I personally think that Satoshi's coins will never move.

So even if it's a minority at 20%, that's a pretty substantial number, and I can't imagine why it won't grow. Bitcoin's success depends on mass adoption, and I can't imagine a scenario where Jane Public would rather learn the technical skills to secure a local wallet versus trusting a company like Coinbase or Circle.


Can be your own bank, not "is and always be completely devoid of any kind of banking institute"

America is a free country, but not everyone in America is free (some are in prison, for instance).


Absolutely. I was addressing the idea that Bitcoin is automatically decentralized, which is very much untrue for a significant number (though perhaps I was incorrect in saying "most" - I don't have those numbers, but neither does anyone else it would seem)


most coins (no reference, just surmising) are in exchanges rather than wallets owned by the end user.

Wrong.

And this is why these Bitcoin debates are so annoying and repetitive.

For some reason everyone feels entitled to their little doomsday speech without bothering to research even their most basic premises.


There's a difference between making an educated guess and "have no clue what you are talking about". I first mined in 2011, and have purchased through numerous exchanges since then. An increasing number of users aren't geeks who give a damn about crypto: they want to get into Bitcoin with the easiest on-ramp.

edit: Did you totally change your reply? From the time I started my comment to hitting submit, your comment completely changed.

But to your point, you're presuming I have no clue, that I own no Bitcoin, that I'm not a regular participant in communities like Bitcointalk and /r/bitcoin. You believe there's a world where everyone has paper wallets and Trezors and ASICs. No: the early adopters are becoming a smaller percentage of the Bitcoin world. People are buying via Coinbase and Circle, and if they're really advanced, they sweep to a hosted wallet on Blockchain. Even many miners aren't immediately sweeping their coins, instead, leaving them on the pools. Do you really think it's going the opposite direction, towards less centralization?


There's a difference between making an educated guess and "have no clue what you are talking about"

...

See the comment by qnr.


If you're going to keep changing your comments, please mark them with "edit".

I don't have the numbers, but guess what, you don't either. I'm going on mostly anecdotal evidence: Bitpay's growth, Circle's growth, Coinbase's growth, etc. I may be wrong about "most", but in the face of hard numbers (which many companies like Coinbase don't provide), how could any observation of the community not lean towards a conclusion of increasing centralization?


The point is that most people are never going to adopt Bitcoin if they have to worry about the technical side of securing their own funds. And given that there are many examples of incompetence and/or fraud within exchanges and other nascent businesses that intend to handle elements of that security on behalf of customers, and no enforced regulations such as you find in the traditional banking sector, you can imagine that this isn't going to change any time soon.


> most people are never going to adopt [cash] if they have to worry about the technical side of securing their own funds

It would have been true, too, if gold bars were what we were talking about when we talked about cash. BTC needs the convenience equivalent of keeping greenbacks in a wallet in your pocket. Probably a mobile app with a good UX would do it, maybe one built into the OS at a low level ala Apple Pay.


The point is that most people are never going to adopt Bitcoin if they have to worry about the technical side of securing their own funds

And most people are never going to buy physical gold because they have to worry about the technical side of securing their own funds.

Know what? Bitcoin/Gold is not for these people respectively, and nobody ever claimed otherwise.


> Know what? Bitcoin/Gold is not for these people respectively, and nobody ever claimed otherwise.

Well, I can assure you that in threads and forums other than this one that plenty of people have claimed Bitcoin is destined to replace traditional currencies worldwide. Though I do recognize that you made no such assertion here.

> And most people are never going to buy physical gold because they have to worry about the technical side of securing their own funds.

Plenty of people do trade/invest in gold through avenues other than direct physical ownership (ETFs, etc). At the moment it definitely at least "feels like" it's impossible to do that with respect to Bitcoin due to the security issues and general shadiness that seem to plague many Bitcoin-related companies. The supposed Bitcoin ETF that is forever just-around-the-corner could alleviate some of the concerns with respect to accounting issues and negating the "take-the-money-and-run" factor, but I'm not sure there would be reason to trust them to any greater degree with respect to cryptographic security of their holdings of any virtual currency.


> I can assure you that in threads and forums other than this one that plenty of people have claimed Bitcoin is destined to replace traditional currencies worldwide

At the risk of pissing off numerous Bitcoin fanboys, I think Ripple has a greater chance of world domination than Bitcoin, despite their different purposes/design. Any currency that isn't linked to a power base, IMHO, has little chance for world domination. Then again, what do I know... IANAE (economist :).


At the moment it definitely at least "feels like" it's impossible to do that with respect to Bitcoin due to...

Yes, and it also "feels like" it's impossible to use a chainsaw as a toothpick.

Maybe you should just refrain from doing that then?

Only because Bitcoin is a currency doesn't mean it will replace all existing currencies next year, be an amazing investment vehicle or fulfill any other of the wet dreams that people may have about it.

Like everything it is better for some purposes and worse for others. Stop blaming the chainsaw for not being a toothpick.


Except people who buy physical gold don't have to worry about "the technical side of securing their own funds" because they can put their gold in a safe deposit box... at a bank.

The safety of your Bitcoin, on the other hand, depends on some level on your own technical expertise. As long as this is the case, owning Bitcoin will never be as safe as owning gold.


>and nobody ever claimed otherwise.

except lots and lots of bitcoin advocates.


https://www.irccloud.com/pastebin/1cvm62al

this is all I could find from Twitter search: does the timing match up at all?

11:48 AM <jecar> protip 11:48 AM <jecar> and exchange is getting hacked now 11:48 AM <jecar> GOXXED 11:49 AM <jecar> an exchange 11:49 AM <heaven> what 11:49 AM <jecar> guess which one im goxxing 11:49 AM <jecar> thats why prices are falling 11:49 AM → dzan joined ⇐ mpm quit 11:50 AM <Fate> you sound like shovel 11:50 AM <Fate> hi shovel


Always really important not to jump to conclusions on these things, but I can't help but be curious to know what time zone these time stamps are in. Unfortunately, there doesn't appear to be any way to find out. The http headers for that page also simply report the current time.


More info: https://coinfire.cf/2015/01/05/bitstamp-confirms-deposit-add...

"We are working to determine what has gone wrong. The majority of our coins are swept and placed in cold storage often so this shouldn’t be a major issue right now but we are still working to determine the breadth of the issue. This seems to be a server issue and not a compromise but our teams are still investigating."


I don't like the wording here:

The majority of our coins are swept and placed in cold storage often so this shouldn't be a major issue right now.

It leaves too much wiggle room. It's like saying:

At least some coins have not been placed in cold storage so this could be an issue.

Does not look good.


To be fair, they have to leave some wiggle room while they investigate the extent of the hack.

With a bit of luck just the hot wallet got compromised, they trace how, fix it and honour any deposits made to the that wallet before the breach was detected. So far this is exactly what they say they are going to do. Time will tell but there's no reason to believe they wont act correctly at this stage.


On the other hand, this makes for uncomfortable reading (was posted to r/bitcoin earlier today): http://pastebin.com/ufNLW7xZ


The whole point of cold storage is that only some coins are swept into it (and some remain in a "hot" wallet which is used to process transactions) so I don't think you can read what you have into this statement.


Unless their hot wallet was always empty (and how could it be, since it's by definition used for operations), there is no way they can say all of their coins are safe and none are missing. It's all they can say unless they know 100% for sure what was taken and what is safe.



What an amazing coincidence they got hacked the day after a price crash! I wonder how this could keep happening.


Yes it is. It is almost as though someone might have a vested interest in announcing a problem at exactly this point in time.


Almost only, of course - I'm sure everyone at Bitstamp, and indeed every Bitcoin exchange, is of unimpeachable integrity, and it's just capricious Fortuna toying with their hot wallets.


You might think this, but I could not possibly comment :)


To be fair, conventional banks say "Yes, Mr. Smith, I'm sorry but it seems we misplaced all your money irretrievably. Sorry. It's gone. Forever. No, I'm sorry, but we aren't liable. Have a great day!" all the time. NO WAIT, THEY DON'T DO ANYTHING OF THE SORT.


Banks used to do this sort of thing before the FDIC was established, but as you rightly point out the level of professionalism is somewhat lacking in these outfits.


Looks like there were transfers out of the hot wallet addresses starting yesterday morning sometime. $6M US: http://www.reddit.com/r/BitcoinMarkets/comments/2rd8h8/daily...


Well, ever since I lost my bitcoins on gox I don't let anything on exchanges. This because if you let your coins on an exchange they are not yours, if the exchange closes you can loose everything. What I've been using recently is the BitShares decentralized exchange. I can save my assets there and everything seems to run smoothly up until now. It seems to be a nice solution, you can still trade and don't need to worry about exchanges going down. Not to mention their market pegged assets have prevented me from loosing some money on this last price drop. If you would like to try it, here is a link http://bitshares.org/ it's still something new but definitely worth checking out, it solves most problems with crypto, which is trusting exchanges and volatility


I am a long bitstamp customer and I have not received such email.


Do you consider that a good or bad thing?


Just checked my email again, and indeed I have received it now.


Got it now too (about 2.5 hours after grondilus post). I wonder why it is happening so slowly... Are they mailing us manually?


If you suddenly start sending a much larger volume of mail, it can get flagged as spam.


They are probably using the same queue that they use to send other email, which is likely rate limited.


seconded


> You should STOP SENDING bitcoin deposits to your Bitstamp account IMMEDIATELY as private keys of your deposit address may be lost.

I read this as wallet file(s) having been corrupted. The way to avoid this is to use deterministic[1] wallets

However...

> We have reason to believe that one of Bitstamp’s operational wallets was compromised on January 4th, 2015.

makes it sound like one would be wise to short sell btc immediately.

[1] https://github.com/bitcoin/bips/blob/master/bip-0032.mediawi...


I was also not able to log in for few hours to kraken.com. I would be just informed to try later. I never saw a notification about it. And of course I was not able to cancel my order while the price was dropping.

Every time I try to touch bitcoin I lose money before I even buy them. And when the price starts dropping all the exchanges become a bit shady.


Hopefully most people learned from the MTGox fiasco and weren't keeping all of their coins on a Bitstamp provided deposit wallet (not that there's any indication at this stage that the bulk of bitstamp's deposits are under threat but, you know, better to be safe than sorry...)


Bitstamp needs a crisis PR team right now. They're blowing it. They've announced "we're down, we don't know what happened, we don't know when we will be back up, but everybody's assets are just fine. Trust us."

That's not how you do crisis PR. In this situation, a company has to overcommunicate.

Their CEO should have called a press conference for noon in London. All the financial press would show up. They should be announcing "We've been attacked. All customer funds should be intact, but we're shutting down temporarily for a snap audit. We've brought in outside auditors. We've notified the Metropolitan Police (Scotland Yard). Here are their representatives and you can question them. We will have another press conference in 24 hours".

Now people will be asking hard questions, such as "Is Bitstamp really in London or are they really in Slovenia", and "Why is the CEO on a plane for Vegas?" (Going to CES, yes, but in this situation, he needs to get back to the office.)


Considering that you just figured out very nearly exactly what's happening (sans press conferences) - how exactly are they blowing it?

PS: There is no current Concorde service.


Boy am I glad I moved all my crypto holdings from Bitstamp to a decentralized exchange (http://www.bitshares.org)

Feels a lot safer having it all in there!


Needless to say, /r/buttcoin has run out of popcorn. So it's had to move to altcorns.


I think the title of this thread should be edited since its highly misleading and first thing people thing is their bank account was closed which would be a huge kick in balls to bitcoin.

edit: quite possibly this is a false rumor being spread by malicious party to sink bitcoin for their profit, now the title and the tone makes sense to me, as well as lack of any news about this from bitstamp

edit2: checked r/Bitcoin seems convincingly legit but still nothing official from bitstamp, might be good idea for people to use better exchanges like Kraken anyways, those guys are cool




Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: