Bitfinex took my bitcoins

[arie_pk]

Hi to all
I would like to describe what happened to us, and hear your opinions about it.
About a month ago, Bitfinex announced they were hacked, and advised all traders to use new addresses for depositing bitcoins. We did comply and started using new addresses. The problem is - we are a corporate account, and more than one person is trading on the same account.
A few days ago, one of our traders deposited 15btc, to the old bitfinex address (note - this hapened a month after the "hacking" occurred}. The bitcoins were not credited to our account, and bitfinex rely to our enquiri was:

"As you can see in the announcement here: https://www.bitfinex.com/pages/announcements/?id=35 that you read when logging in on Jun, 17 2015 07:56:48 UTC (and that have been sent by email on May 22), you should no longer use the old deposit addresses, as they have been compromised.

We have unfortunately not been able to recover your BTC and therefore can not credit them in your account."

They did not bother to answer to my follow up email again

My  questions are those:
1. Should they not be responsible for funds sent to their own address supplied to us by them?
2. Once they knew about the hacking, could or should they have taken steps to block or prevent this kind of thing from happening?
3. How can i even be sure they have not got the 15 BT, and just kept them?
4. can this considered a criminal act? (I do think it is criminal).
5. Can I do something to force their hand?

Looking forward to your answers and advise

[Foxpup]

1. Not if they told you beforehand that it's not their address anymore...
2. ...which they did. At least twice.
3. Because a company being hacked is bad news, and they risk losing customers as a result, so they're not going to publicly announce that fact unless it was actually true.
4. No.
5. You can sue them, which will force them to explain how it's all your fault. They took all reasonable measures to prevent you from sending your money to the hacked address, but you (or your employee who you're responsible for training) did it anyway. That's your fault, so you will almost certainly lose if you take the matter to court.

[arie_pk]

Well, that's one way to look at it.
But for me, bitfinex is just a broker - like any other broker. He is responsible to take all possible measures to protect the customer's funds (and that goes way beyond emailing a warning to the customer).
I do not know a lot about the technology of bitcoin and what  makes it move around- but i am sure bitcoin has experts on that. I also know that bitcoins can be traced, by people that know what they are doing. My question is - since they had a month to work on it - could't and should't they have traced the hacked addressees?  Stopped whoever was doing that - and put some kind of blockage on those addresses to make the funds return? Even if it is a complicated procedure, as long as they are solvent and operating, it is their duty to do that. And suppose it is a very costly procedure, and they prefer not to go in to that kind of expenditure, then they should take the cheaper way around it, and reimburse the probably very few customer who happened to make the mistake of sending their funds to this bottomless hacked addresses.
Fox pup - I thank you for your answer - and I see and and respect your opinion. But looking at your background, I think you are not a fox pup in the bitcoin community - but an old fox. You probably know everything about the subject and i am sure you will never make a stupid mistake like us novices did.  From your point of view, somebody that does something that negligent, should pay for his mistake and for his ignorance.  But I still think that the protection of customer funds is also the brokers duty, and if he allows intruders to get to customer funds, obviously because of his own shortcomings,  he should do everything to stop it from happening again, and fails, then he should pay the price.
So I would be happy to hear some more opinions on that

[ranlo]

1. Not if they told you beforehand that it's not their address anymore...
2. ...which they did. At least twice.
3. Because a company being hacked is bad news, and they risk losing customers as a result, so they're not going to publicly announce that fact unless it was actually true.
4. No.
5. You can sue them, which will force them to explain how it's all your fault. They took all reasonable measures to prevent you from sending your money to the hacked address, but you (or your employee who you're responsible for training) did it anyway. That's your fault, so you will almost certainly lose if you take the matter to court.

My thoughts exactly. Bitfinex has been awesome to me for many months now. I ran into an issue a while back and they responded to my email within 15m and were more than accommodating with resolving my problem.

I think OP's problem is less with Bitfinex and more with his own protocol with regards to address usage...

[Foxpup]

Fox pup - I thank you for your answer - and I see and and respect your opinion. But looking at your background, I think you are not a fox pup in the bitcoin community - but an old fox. You probably know everything about the subject and i am sure you will never make a stupid mistake like us novices did.  From your point of view, somebody that does something that negligent, should pay for his mistake and for his ignorance.

Oh, I've made stupid mistakes, believe me. And I've paid for them. You should be grateful yours only cost you BTC15. I've got a long way to go before I'm truly an "old fox". But that's another story.

Bitcoin is not a soft currency. It is a hard currency, like cash. There is no way to block or reverse transactions and it is entirely the sender's responsibility to ensure transactions are made correctly. The situation is exactly analogous to you sending cash in an envelope to the wrong address, even after the company has repeatedly given you the correct address. They can't give you your money back because they don't have your money and can't get it. Bitfinex has taken reasonable steps to ensure you have the correct addresses, so it's your responsibility at this point.

[ACCTseller]

Let me see if I am understanding you correctly, you were advised to not send bitcoin to an old deposit address, you received such advisement, however you sent bitcoin to that address anyway? I don't think the fact that you have a "corporate" account makes a difference here. Even if you were not warned, you should not have been sending bitcoin to the same address multiple times.

I think it is pretty clear that bitfinex is not liable in this case and that your trader is entirely at fault.

[WhatTheGox]

Bitcoin being "complex" like this is going to keep people who want simple payment options away from bitcoin.

However bitfinex acted correctly in this case i feel OP.