Loanbase Security Breach

[sunildhillon]

Message from Loanbase (p2p lending site):

We've discovered that there was a security breach, which resulted in the loss of roughly around 8 BTC. At this stage this is an estimate based on the confirmed breach of 4 user accounts. The maximum amount which may have been lost does not exceed 20 BTC. We detected that the unauthorized access of the user accounts occurred early in the morning on February 6th and continued throughout the day. For more information, please see below.
Here is what we know about the hack at this stage:
1. 4 accounts were confirmed to be compromised.
The accounts compromised did not have two-factor authentication enabled.
2. The hackers did not gain access to the Bitcoin wallets.
3. The breach occurred via a security hole in the WordPress blog (we will provide more details later).
4. The hackers did gain access to our SQL database, this means that sensitive user information may have been leaked, such as: e-mail addresses, phone numbers, names, etc.
5. Will the funds be reimbursed to those that had an unauthorized withdrawal?
Yes, we will return all the funds of the users who have had an unauthorized withdrawal.
What's next?
1. We're going to take the following steps:
2. We've taken down the website for a security update.
3. All of the passwords have been reset.
4. Any withdrawals which were approved, but not processed yet, will all be rejected.
5. We're going to implement additional security procedures, which will help with an earlier detection of such breaches.
6. Once we bring the website up, we will request that our users change their passwords and update their TFA.
When will the website be up?
Our team is working overtime, so we hope that it shouldn't take us more than 24 hours. We'll keep everybody posted via e-mail, Twitter and Facebook.

[rammy2k2]

are you the admin or from site staff, or u just copy pasted this ?

[coaltin]

can u provide valid links to the claim.As i can see only top google result is : https://www.reddit.com/r/Bitcoin/comments/44l4gk/loanbase_security_breach/
which i suppose is by the OP

[sunildhillon]

I'm neither a staff, not it's CEO or anything, I'm just a loanbase user. I copy pasted it from their post.
Link to their official post:
https://www.facebook.com/loanbase/posts/583222315178578

From their official twitter handle: https://twitter.com/loanbaseInc you can read their tweets.

Authentication of links can be made by visiting the site directly at www.loanbase.com and then going to their twitter and facebook page.

Update: Their facebook is not properly linked: Their facebook handle is www.facebook.com/loanbase

[wayniac30]

Today i received this email:

Code:

Due to the recent security breach, we have locked your account. You will not be able to access your account until you reset your password. Please click on the link below in order to reset your password:
LINK REMOVED
For security reasons, we have also reverted your two-factor authentication to your backup device, so you will have to use your phone to receive an SMS in order to pass the TFA verification upon login. Please generate a new two-factor authentication code, you will need your phone in order to receive an SMS and redo TFA. We apologize for any issues which may be caused by this. 

[lumeire]

Hi Guys,

Just to let you know, please change your passwords in LoanBase, and any other services you have the same e-mail and password used to. Activate your 2FA! Apparently I have the same passwords for my PoloniEX, BTER, and BTC-e accounts.

I only noticed it now, that last Feb 7 there was an e-mail by LoanBase that their database has been breached, and the attacker had access to account usernames and passwords.

The same day, I had 3 e-mails, 1 PoloniEX, 1 BTER, and 1 BTC-e, each saying there was successful authorization/logins. Fortunately I don't keep money on exchanges. 2FA was disabled for those accounts.

Just to be safe, use 2FA and change your password!

[sunildhillon]

Hi Guys,

Just to let you know, please change your passwords in LoanBase and any other services you have the same e-mail and password used to. Activate your 2FA! Apparently I have the same passwords for my PoloniEX, BTER, and BTC-e-accounts.

I only noticed it now, that last Feb 7 there was an e-mail by LoanBase that their database has been breached, and the attacker had access to account usernames and passwords.

The same day, I had 3 e-mails, 1 PoloniEX, 1 BTER, and 1 BTC-e, each saying there was successful authorization/logins. Fortunately, I don't keep money on exchanges. 2FA was disabled for those accounts.

Just to be safe, use 2FA and change your password!

I'd suggest you to reset your passwords, you have kept your passwords same across many platforms, which resulted in un-authorized logins in various platforms. You should report the same to loanbase.com support via their email support@loanbase.com.

PS: Everyone has received an email asking them to change their password.

[lumeire]

Yeah stupid me, I should have varied the passwords even for just 1 letter per platform. Good thing I don't have anything stored on those exchanges. I've activated 2FA for all too.