Bitcoin Forum
December 04, 2016, 04:37:46 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Mt.Gox Accounts and passwords released, impact to BTC econ  (Read 9668 times)
warsmith
Newbie
*
Offline Offline

Activity: 27


View Profile
June 19, 2011, 08:18:33 PM
 #1

How do you think the released passwords for MtGox accounts will impact the BTC price? Personally, I think it will drive the price down, because of the bad publicity related with such leaks.


P.s. http://www.megaupload.com/?d=XHMMAIU8 <- The file with the accounts and  hashed (maybe salted too?) passwords.
1480869466
Hero Member
*
Offline Offline

Posts: 1480869466

View Profile Personal Message (Offline)

Ignore
1480869466
Reply with quote  #2

1480869466
Report to moderator
1480869466
Hero Member
*
Offline Offline

Posts: 1480869466

View Profile Personal Message (Offline)

Ignore
1480869466
Reply with quote  #2

1480869466
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480869466
Hero Member
*
Offline Offline

Posts: 1480869466

View Profile Personal Message (Offline)

Ignore
1480869466
Reply with quote  #2

1480869466
Report to moderator
1480869466
Hero Member
*
Offline Offline

Posts: 1480869466

View Profile Personal Message (Offline)

Ignore
1480869466
Reply with quote  #2

1480869466
Report to moderator
Goldenmaw
Member
**
Offline Offline

Activity: 84


View Profile
June 19, 2011, 08:23:15 PM
 #2

Would somebody scan that thing on a computer isolated from sensitive bitcoin related material?
Bit_Happy
Legendary
*
Offline Offline

Activity: 1442


A Great Time to Start Something!


View Profile
June 19, 2011, 08:23:37 PM
 #3

It will be hard to have prices actually fall to $1 (for example) since there is so much money to be made on bear market rallies. Eventually the (temporary) massive over-supply of BTC will win out and we could see prices in the $1 to $4 range, IMO. The story continues, stay tuned...

15DYJpWJe9H1YofsNQbP9JEWWNn7XPZgbS
warsmith
Newbie
*
Offline Offline

Activity: 27


View Profile
June 19, 2011, 08:28:14 PM
 #4

Would somebody scan that thing on a computer isolated from sensitive bitcoin related material?


Dude, treat it as a plain text *.TXT....
Goldenmaw
Member
**
Offline Offline

Activity: 84


View Profile
June 19, 2011, 08:32:43 PM
 #5

No offense to you personally warsmith, but paranoia pays around these parts.
warsmith
Newbie
*
Offline Offline

Activity: 27


View Profile
June 19, 2011, 08:34:55 PM
 #6

No offense to you personally warsmith, but paranoia pays around these parts.

None taken. It would destroy the thread and the user's browsers if I'd pasted the whole 3mb text file as a reply.
Anyway. I hope everyone changes the password asap when it comes back online.
ploum
Sr. Member
****
Offline Offline

Activity: 378



View Profile WWW
June 19, 2011, 08:39:09 PM
 #7

It means a lot of questions. I've asked some of them here:
http://thebitcoinsun.com/post/2011/06/19/Huge-crash-and-compromized-datas-on-MtGox

But I don't have answers yet. (be welcome to comment on the article page)

Blog posts about Bitcoin - 1KdRBbhjo72CqKTrFsQed6s9NMrvwvrUkq
EricSU
Newbie
*
Offline Offline

Activity: 25


View Profile
June 19, 2011, 08:44:35 PM
 #8

I just received this email from mtgox.

Quote
Dear Mt.Gox user,

Our database has been compromised, including your email. We are working on a
quick resolution and to begin with, your password has been disabled as a
security measure (and you will need to reset it to login again on Mt.Gox).

If you were using the same password on Mt.Gox and other places (email, etc),
you should change this password as soon as possible.

For more details, please see this:

https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback

The informations there will be updated as our investigation progresses.

Please accept our apologies for the troubles caused, and be certain we will do
everything we can to keep the funds entrusted with us as secure as possible.


The leaked data includes the following:

- Account number
- Account login
- Email address
- Encrypted password

While the password is encrypted, it is possible to bruteforce most passwords
with time, and it is likely bad people are working on this right now.


Any unauthorized access done to any account you own (email, mtgox, etc) should
be reported to the appropriate authorities in your country.


Thanks,
The Mt.Gox team


DukeOfEarl
Newbie
*
Offline Offline

Activity: 28


View Profile
June 19, 2011, 08:49:58 PM
 #9

I just received this email from mtgox.


I haven't gotten mine yet, but I like that they at least own up to it.
dinzy
Member
**
Offline Offline

Activity: 98


Fuck Intel!


View Profile
June 19, 2011, 08:54:01 PM
 #10

I can confirm my username and email are on the list.  Damn. 

Is everyone going to open up a tradehill account and crash that market ( the server, not price) as soon as they get in?
Clipse
Hero Member
*****
Offline Offline

Activity: 504


View Profile
June 19, 2011, 08:55:48 PM
 #11

Im confused, didnt get any email and Im a fairly bigtime trader o_0

...In the land of the stale, the man with one share is king... >> Clipse

We pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
warsmith
Newbie
*
Offline Offline

Activity: 27


View Profile
June 19, 2011, 08:55:56 PM
 #12

no comment about the salt though
dev^
Newbie
*
Offline Offline

Activity: 28


View Profile
June 19, 2011, 09:00:32 PM
 #13

What might happen with those users who didn't enter an email address? (including me...)
How can they log in again, if all passwords were resetted?  Undecided
warsmith
Newbie
*
Offline Offline

Activity: 27


View Profile
June 19, 2011, 09:03:28 PM
 #14

What might happen with those users who didn't enter an email address? (including me...)
How can they log in again, if all passwords were resetted?  Undecided

Perhaps they didn't reset all of them?
TurboK
Full Member
***
Offline Offline

Activity: 137



View Profile
June 19, 2011, 09:04:19 PM
 #15

I looked at that password list. Only around 1800 passwords were kept in regular md5, those are piss easy to crack (see http://www.md5decrypter.co.uk/ if you don't have a rainbow table setup already). The other 60000 were using some other format I did not recognize, though possibly by my own fault... they remind me of Wordpress passwords. It's probably some combined multiple md5 + hash, so I'd think that they are difficult if not impossible to crack, especially if you used a password that is long enough with a wide enough character set.

The danger for password reuse is very real though. It is in theory possible to find a less secure password from some site you signed up to, recover the password from there, and use it at mtgox with your username. So if you use the same password at mtgox or anywhere else, you'll NEED to change passwords. Otherwise you are fairly safe, provided your account is not one of those with regular md5 hashes (the ones not starting with $1$whatever are regular md5s).

12zJNWtM2HknS2EPLkT9QPSuSq1576aKx7

Tradehill viral bullshit code: TH-R114411
dev^
Newbie
*
Offline Offline

Activity: 28


View Profile
June 19, 2011, 09:11:39 PM
 #16

What might happen with those users who didn't enter an email address? (including me...)
How can they log in again, if all passwords were resetted?  Undecided

Perhaps they didn't reset all of them?

I hope so...
Tolsi
Full Member
***
Offline Offline

Activity: 178



View Profile WWW
June 19, 2011, 09:18:48 PM
 #17

where is user of number 51190 in the file?!

Like what am I doing? 1FzSgYpLG4fpy2Q9fKXQsuLxHN81m4P3dR
digimag
Full Member
***
Offline Offline

Activity: 138


View Profile
June 19, 2011, 09:24:57 PM
 #18

No offense to you personally warsmith, but paranoia pays around these parts.

None taken. It would destroy the thread and the user's browsers if I'd pasted the whole 3mb text file as a reply.
Anyway. I hope everyone changes the password asap when it comes back online.
I hope mt gox will refund everybody and close after this disaster.

17opQsbw8873x4PTwzvacEjNR2a59mSxoT
bcpokey
Sr. Member
****
Offline Offline

Activity: 462


View Profile
June 19, 2011, 09:28:03 PM
 #19

Quote
UPDATE REGARDING LEAKED ACCOUNT INFORMATIONS

We will address this issue too and prevent logins from each users. Leaked information includes username, email and hashed password, which does not allow anyone to get to the actual password, should it be complex enough. If you used a simple password you will not be able to login on Mt.Gox until you change your password to something more secure.

I'm not sure what their definition of simple is. I can't remember if I used an email addy on mtgox, and if I didn't my password was pretty complex, so hopefully I can get in and get mah moniez.
bustaballs
Member
**
Offline Offline

Activity: 115


View Profile
June 19, 2011, 09:37:36 PM
 #20

I submitted my first coin to mtgox last night and now it's saying my account doesn't exist. I hope I get my account and my 1 BTC back.

Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!