bitcoin-central.net say they detected a security-breach

[Nick]

[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.

The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.

from
https://bitcoin-central.net/

Now why did that take so long? Good news though. Can't wait to hear the details. Then I will consider if I'll do business with them again, have made good experiences in the past.

[1714926586]

1714926586

[1714926586]

1714926586

[lucb1e]

"The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control. "
Great, but the transactions being sent there are unconfirmed and don't exist on blockexplorer.com. Something's fishy.

[molecular]

guys, should I lock this thread and show people over to the pretty much identical topic in thread Instawallet Security Breach for simplicity?

[uhoh]

Excellent news.

Now just the strangeness of the lack of confirmations on a well-funded transaction.

[maxmint]

guys, should I lock this thread and show people over to the pretty much identical topic in thread Instawallet Security Breach for simplicity?

Yes

[solomon]

And it's not being confirmed because...?

[repentance]

How is it no big deal?

If it's vanity for Bitcoin Central COLD and the other large tx to the same address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is indeed instawallet cold (as marked on blockchain.info) then we're looking at either the "theft transactions" or some transactions made by davout and team to "further secure the funds". I somehow think the latter is unlikely, since cold store should already be secure and they might've considered telling us "funds secure, don't worry" by now.

And if they're moving funds from their normal cold storage wallet to another address to demonstrate that they still have control of the funds (which is more reassuring than a "don't worry" statement), then that's something they should be publicising.

What's worrying is that when the Instawallet vulnerability was made public last week they should have assumed that both Instawallet and Bitcoin-Central would become bigger targets and that people would start looking for more vulnerabilities in both services, so they should have been locked down hard while a security audit was conducted.  They should have been expecting a breach.

[molecular]

[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.

The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.

Now that's some good news! These guys know how to build the suspense

yep good to know

finally! thanks!

[molecular]

guys, should I lock this thread and show people over to the pretty much identical topic in thread Instawallet Security Breach for simplicity?

I'm locking this thread for simplicity.

Please discuss here: Instawallet Security Breach