BTC-e might have been compromised

[unamis76]

Friendly reminder to withdraw your funds from exchanges. BTC-e might have their account database compromised. However, nothing indicates that their wallets have been compromised.

See here and here

[1715407203]

1715407203

[1715407203]

1715407203

[Xester]

Friendly reminder to withdraw your funds from exchanges. BTC-e might have their account database compromised. However, nothing indicates that their wallets have been compromised.

See here and here

I dont think that the wallets have been compromised but I think if there was a leak it was the records of BTC-e users. I am referring to the email-address of the users, these details may have been compromised and the hackers are using those details to send false information to the BTC-e users to click a Phishing link so they can access your account and can take over your wallet. This is not only happening to BTC-e but to other sites as well and the only thing that we must do is to be very careful in clicking links in our emails.

[Red-Apple]

Don't people read Emails to the end anymore?!

this is not a new thing and will not be the last one and also it has never been only on btc-e!
when people use their Email addresses everywhere, they get leaked online and circle around. specially when you use the same Email in multiple related places like a couple of bitcoin exchanges, a newsletter, a faucet!,... and the Email that everyone always freaks out about is clearly saying "a failed attempt...."
and i know that twitter you liked is saying a "unique email" but that still doesn't prove a "database hack" in my opinion.

and finally you shouldn't be keeping anything on an exchange in first place!

[unamis76]

I dont think that the wallets have been compromised but I think if there was a leak it was the records of BTC-e users. I am referring to the email-address of the users, these details may have been compromised and the hackers are using those details to send false information to the BTC-e users to click a Phishing link so they can access your account and can take over your wallet. This is not only happening to BTC-e but to other sites as well and the only thing that we must do is to be very careful in clicking links in our emails.

Yes, I've made very clear in my post that we have no indication thus far that wallets have been compromised. I wasn't looking to cause extreme alarmism with my post. Just a friendly reminder to a constantly growing community.

Care is indeed always required when handling emails from exchanges, or that seem to be from exchanges.

Don't people read Emails to the end anymore?!

this is not a new thing and will not be the last one and also it has never been only on btc-e!
when people use their Email addresses everywhere, they get leaked online and circle around. specially when you use the same Email in multiple related places like a couple of bitcoin exchanges, a newsletter, a faucet!,... and the Email that everyone always freaks out about is clearly saying "a failed attempt...."
and i know that twitter you liked is saying a "unique email" but that still doesn't prove a "database hack" in my opinion.

and finally you shouldn't be keeping anything on an exchange in first place!

Once again, I've made very clear in my post that the exchange might have had their account database leaked. However we have no reason to believe the people in the links shared are lying.

To sum up, a "TLDR": BTC-e might have been compromised, so far nothing tells us that their wallets have been compromised, use caution when clicking links on emails, don't keep your funds on exchanges.

[LeGaulois]

I created an account at BTC-e last year, around November or December. Few hours later the account was compromised. The email I used in not used in another place related to crypto and the password was 20 characters, mixing numbers, symbols, ect wich I don't think it is a "weak" password. So it was the first time and will be the last time I use BTC-e

[ahmedjamal1998]

One thing that a lot of people do which is absolutely and totally wrong is using the same email/pass combination in more than one place.
And believe me a lot (seriously A LOT ) of people do it.

This basically gives access to hackers/crackers to all of their content.

The second thing is I hope that after all the news we heard about exchanges running away with the money or getting hacked, no one still leaves their money over there.

[BitFinnese]

~snipped~
and finally you shouldn't be keeping anything on an exchange in first place!

we can not avoid this when we are actively trading, can we?


Seems BTC-E had released a safety measure in securing the account, this kind of stuff is normal as what i quoted said, though it is really possible that the user data had been leaked since there is some users claiming that they have a unique email used for that exchange only and yet they had received a failed log in attempt by someone in some part of the world. Though BTC-e is suggesting to activate 2fa which adds a layer of protection, and changing email by following this instruction.

[Qartada]

Okay, well the account database thing doesn't really mean that people should withdraw their funds from BTC-E.

They should withdraw their funds from BTC-E though because they're clearly having major problems with banks right now, and without deposits being allowed they could really suspend withdrawals at any time, even imminently.

Bitstamp and Coinbase look like the safest exchanges to trade on right now.

[unamis76]

I created an account at BTC-e last year, around November or December. Few hours later the account was compromised. The email I used in not used in another place related to crypto and the password was 20 characters, mixing numbers, symbols, ect wich I don't think it is a "weak" password. So it was the first time and will be the last time I use BTC-e

Now that's strange, did you check for keyloggers or such back then?

[Kprawn]

People bring this on themselves... they keep LARGE amounts of bitcoins on wallet providers or on centralized Bitcoin exchanges and in the process

feed the greed of the hackers that see these places as a Honey hole. Keep the majority of your coins away from these centralized services,

because they are clearly the weak link in Bitcoin. Cold storage do not have employees that can be corrupted or influenced by greed. 

[LeGaulois]

I created an account at BTC-e last year, around November or December. Few hours later the account was compromised. The email I used in not used in another place related to crypto and the password was 20 characters, mixing numbers, symbols, ect wich I don't think it is a "weak" password. So it was the first time and will be the last time I use BTC-e

Now that's strange, did you check for keyloggers or such back then?

Yes I checked everything I can and nothing found, as well using my bank account, paypal and social media or any site with log in details, none of them were compromised this day... My BTC-e account is the only thing that has been hijacked, nothing else. When you create an account in something related to money and then you see some hours later the account has been used by someone else, it's enough for me to not come back.
I know some hackers use Brute force method to guess the password, but guessing the email of the customers is something really amazing

[dl1]

There has *definitely* been a leak of email addresses.  Three years ago I created an account with a unique site-specific email address; I received one address-confirmation email at that time and nothing from the site since (I have not logged into the site or used it since that time).  A couple of days ago I started getting phishing emails sent to that address. 

[Pattberry]

There has *definitely* been a leak of email addresses.  Three years ago I created an account with a unique site-specific email address; I received one address-confirmation email at that time and nothing from the site since (I have not logged into the site or used it since that time).  A couple of days ago I started getting phishing emails sent to that address. 

So are you here trying to tell that there is a leak in the BTC-E system,if that is the case then it is a really bad thing,unless and until there is a confirmation from the site regarding the leaks you will never know.I really hope there wont be any hack in the exchange as i am using the exchange for trading purposes and it is really not possible to shift the coins every day because of the confirmation delays.

[bitbunnny]

Unfortunately this security breaches happen all the time and this is just one more reminder that is not safe to keep your funds on exchangers unless for trading purposes. Exchangers are not meant to be wallets. People have to become more aware that they have to protect themselves and secure their funds.

[Xester]

I dont think that the wallets have been compromised but I think if there was a leak it was the records of BTC-e users. I am referring to the email-address of the users, these details may have been compromised and the hackers are using those details to send false information to the BTC-e users to click a Phishing link so they can access your account and can take over your wallet. This is not only happening to BTC-e but to other sites as well and the only thing that we must do is to be very careful in clicking links in our emails.

Yes, I've made very clear in my post that we have no indication thus far that wallets have been compromised. I wasn't looking to cause extreme alarmism with my post. Just a friendly reminder to a constantly growing community.

Care is indeed always required when handling emails from exchanges, or that seem to be from exchanges.

Don't people read Emails to the end anymore?!

this is not a new thing and will not be the last one and also it has never been only on btc-e!
when people use their Email addresses everywhere, they get leaked online and circle around. specially when you use the same Email in multiple related places like a couple of bitcoin exchanges, a newsletter, a faucet!,... and the Email that everyone always freaks out about is clearly saying "a failed attempt...."
and i know that twitter you liked is saying a "unique email" but that still doesn't prove a "database hack" in my opinion.

and finally you shouldn't be keeping anything on an exchange in first place!

Once again, I've made very clear in my post that the exchange might have had their account database leaked. However we have no reason to believe the people in the links shared are lying.

To sum up, a "TLDR": BTC-e might have been compromised, so far nothing tells us that their wallets have been compromised, use caution when clicking links on emails, don't keep your funds on exchanges.

This is already a rampant activities occurring on the internet and bitcoin users must be very careful or extremely careful towards this trend of scammers and hackers. My friends told me that probably there are insiders feeding information to the hackers that is why they can easily access our e-mails and send phishing links.  I am with you my friend in spreading the information pertaining the style of activities the hackers are now doing using our emails.

[cryp24x]

Unfortunately this security breaches happen all the time and this is just one more reminder that is not safe to keep your funds on exchangers unless for trading purposes. Exchangers are not meant to be wallets. People have to become more aware that they have to protect themselves and secure their funds.

But no matter how secured the password is, if the site data itself is compromised then there is nothing a user can do.  Hackers today are getting smarter and smarter being able to breach securities and steal data of bigger company.  Even Yahoo user data were compromised. So I guess we should keep most of our funds in our cold wallet.

[BrewMaster]

Unfortunately this security breaches happen all the time and this is just one more reminder that is not safe to keep your funds on exchangers unless for trading purposes. Exchangers are not meant to be wallets. People have to become more aware that they have to protect themselves and secure their funds.

But no matter how secured the password is, if the site data itself is compromised then there is nothing a user can do.  Hackers today are getting smarter and smarter being able to breach securities and steal data of bigger company.  Even Yahoo user data were compromised. So I guess we should keep most of our funds in our cold wallet.

another way to look at it is that the people are getting dumber and dumber. in all the hacking news that i have heard so far, it was mainly mistakes of what an idiot employee of that business made.
and as for most services, if they are honest and legit, they will pay the customers back if it were they fault. i believe btc-e had at least one major hack back in the days and paid the users back.

[Catmony]

Okay, well the account database thing doesn't really mean that people should withdraw their funds from BTC-E.

No if this is true than this also suggest that someone else also have access to site database which can lead to security breach. So it is advised to withdraw any balance you have there, no any web wallets or exchange platforms are safe to have your bitcoin.

[bartolo]

It´s clear that the exchanges are places where there is a lot of money and that is why there will always be people who will try to access that money through the accounts of the users. As the users of an exchange are usually also of other exchanges it is convenient to use different emails in different exchanges and if possible use different passwords.

[lorylore]

One thing that a lot of people do which is absolutely and totally wrong is using the same email/pass combination in more than one place.
And believe me a lot (seriously A LOT ) of people do it.

This basically gives access to hackers/crackers to all of their content.

The second thing is I hope that after all the news we heard about exchanges running away with the money or getting hacked, no one still leaves their money over there.

That is very true. You have to create accounts for more than 100 websites and how is it possible that you can remember all 100 unqiue password? So that is why many people end up the same password for everything. They just dont think of anything serious like being hacked, but rather they want ease to have access to their account. And this is the extremely vulnerable victims that the hackers will target.

[newIndia]

Friendly reminder to withdraw your funds from exchanges. BTC-e might have their account database compromised. However, nothing indicates that their wallets have been compromised.

See here and here

As BTC has scaled new high across various exchanges, these news are expected.

[lite]

I never got such email and i hope never get it. although i had received an email to confirm login on blockchain.info. i have 2fa all over my accounts, so no worries.

One thing that a lot of people do which is absolutely and totally wrong is using the same email/pass combination in more than one place.
And believe me a lot (seriously A LOT ) of people do it.

This basically gives access to hackers/crackers to all of their content.

The second thing is I hope that after all the news we heard about exchanges running away with the money or getting hacked, no one still leaves their money over there.

That is very true. You have to create accounts for more than 100 websites and how is it possible that you can remember all 100 unqiue password? So that is why many people end up the same password for everything. They just dont think of anything serious like being hacked, but rather they want ease to have access to their account. And this is the extremely vulnerable victims that the hackers will target.

that's why there are password managers to remember unique and strong passwords for you!

[salfter]

Friendly reminder to withdraw your funds from exchanges. BTC-e might have their account database compromised. However, nothing indicates that their wallets have been compromised.

See here and here

I dont think that the wallets have been compromised but I think if there was a leak it was the records of BTC-e users. I am referring to the email-address of the users, these details may have been compromised and the hackers are using those details to send false information to the BTC-e users to click a Phishing link so they can access your account and can take over your wallet. This is not only happening to BTC-e but to other sites as well and the only thing that we must do is to be very careful in clicking links in our emails.

I received such an email recently, only it was a phishing attempt on LocalBitcoins.  I know BTC-e is to blame, though, because the email address within was a TMDA sender address only valid for email from BTC-e.

[JamesBold]

Just got this jem of an e-mail from a payroll provider for an old job:

"Hello,

You may have seen published reports of a security breach on BTC-e, a Bitcoin exchange, that may have exposed private information, including emails, for 568,000 users. The list of compromised BTC-e accounts has been uploaded to the web. We have compared this list to our user email addresses and found that the email address you used to register for your [] account is on the list of exposed BTC-e accounts.

[] has not been compromised and is not connected to this incident, but if you used the same password for [] and BTC-e, you should immediately change your [] password.

Here are some additional tips for keeping your information in [], and other websites, safe:

For additional security, you can set up two-step verification for your [] account in your account preferences. For more information about two-step verification, please read the following help center article.
Avoid using simple passwords based on dictionary words.
Never use the same password on multiple sites or services.
Never click on ‘reset password’ requests in emails — instead go directly to the service.
If you have any questions or concerns, our [] Care team is here to help!

The [] team"

[tleilaxu_eyes]

Okay, well the account database thing doesn't really mean that people should withdraw their funds from BTC-E.

No if this is true than this also suggest that someone else also have access to site database which can lead to security breach. So it is advised to withdraw any balance you have there, no any web wallets or exchange platforms are safe to have your bitcoin.

Exactly. Has everyone forgotten MtGox already?

[Thiet]

And BTC-e does not exist anymore