EDIT: If you cannot access your account and your e-mail address on your account has been changed, please post here as well with as much information as you have.
EDIT2: Added a question about password reuse, please update your posts
Ok, so I've seen a lot of topics appearing about Mt. Gox accounts getting compromised, and had it happen to myself as well - and I'm wondering what the scale of this is.
First, a few things:
My Mt. Gox account got broken into, what do I do?
First of all, do a virus scan, there are plenty of free antivirus applications that work fine - for example, Avast, Antivir/Avira, and AVG.
If you are tech-savvy or know someone who is, and you are on Windows, use applications like TCPView, Wireshark, and Security Task Manager to determine whether any suspicious network activity is taking place, or whether there are any suspicious processes running. Also check your Services for suspicious services.
Change your password. It should be:
* At least 12 characters long, more is better
* Contain letters (both lower and upper case), numbers, and if possible special characters
* Not have any dictionary words, names, or dates in it. The best password is a seemingly random password
* MOST IMPORTANTLY, not a password that you use somewhere else!
* Make sure your new password has a different length than your old one!
After you changed your password, check in your Mt. Gox account if your e-mail address is still correct.
Make sure that your password is NOT saved in your browser's "password manager"! If your browser asks you whether it should remember your password, choose No.
Be sure to read this post to the end!
How could this happen? Is Mt. Gox safe?
Right now it appears to be unclear on where this "attack" is coming from. At least some accounts had complex and/or long passwords, so bruteforcing seems unlikely, but it's possible.
If you had a short password and use an outdated browser (or Internet Explorer, or another browser that does not have this vulnerability patched), it is possible you got hit by the so-called "CSS History Sniffer" vulnerability. Get an up-to-date browser that has this vulnerability patched - I believe at least Chrome and Firefox 3 are safe from this - and use a longer password.
While Mt. Gox being compromised is a possibility, there is no proof for it, and it's best NOT to assume that is the case - this may be an attempt at spreading fear and getting people to leave Mt. Gox.
It's best to wait for a response from MagicalTux on this. Personally I normally don't leave any funds in Mt. Gox (or any web wallet / exchange) any longer than necessary, exactly to avoid things like this. The only reason it happened now was because I was unable to access Mt. Gox at all for a long time, and thus didn't have the chance to withdraw my funds.
And now?
I personally think it's a good idea to collect as much data on what happened as possible. Please report in if you got hit as well, and answer the following questions:
* How much funds did you lose?
* To what address were your stolen funds sent?
* What OS are you using (Windows, Linux, Mac OSX ...)?
* How long was your old password?
* Was your old password random?
* Was your username the same on Mt. Gox as on the forum?
* Did you use your Mt. Gox password somewhere else?
* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
* Please also include a screenshot if possible so we know it's a real report.
I'll start out with myself.
Lost funds: about $200
Sent to: 16MHJtHA1dVJQZYcFf3iRAeF3dCFQeqTCi
OS: Windows 7 Home Premium
Password length: 20 characters
Random: Yes
Username the same: Yes
Password reused: No
Characters: uppercase, lowercase, and numbers.
Software: used Diablo Miner and pocblm
Screenshot: