Poloniex account hacked and all monies traded away,TICKET NUMBER #271818

[Jaerin]

I kinda disagree on "its easy to hack" - we all have accounts for mail, ebay, paypal and so forth which store some value.
No arguing that 2fa is an important countermeasure- but i would not feel very safe at this exchange anymore.
A little while ago only people who used VPN had had 2fa with special tokens. And somehow we have not all had sudden successful logins in our paypals
or whatever - these guys got owned in some way and do not admit it. Even if someone got a hold of the hashed passwords, a good salting of these hashes could have prevented this.
Going there saying "hey i have 2fa, i am safe" feels a bit wrong for me . You never know what happens next in this hostile environment...
I am going to delete my account there, they have not even responded to my request and that is the last nail in the coffin for my trust.

Certainly do what you need to do to feel confident and safe.  Poloniex is a US based company that has a lot of liability if things go wrong, so it is not some fly in the night operation that is going to disappear without any repercussions if there are problems.  Bring a lawsuit if you think that you have evidence to prove wrong doing, but as I mentioned that's not free and will require time and effort.  The point is that people who have 2FA generally are not hacked unless there is a social engineering component or other accounts that would allow access to the OTP or private keys to be accessed.  Even then there are other safeguards that are in place to prevent it.  The fact is that these people are likely complicit in their hacking and they don't admit it.  The same thing has happened for years and years on plenty of other services and people still think that it will never happen to them therefore they get lazy and don't enable the security features.  Take your money where you feel safe and secure, but all the Poloniex problems are now showing up on Coinbase/GDAX as well and people aren't calling that a scam.  When you have explosive 1m new customers per month type of growth there is a LOT of growing pains and you're going to have a fairly large number of stupid people who don't do what they need to do to protect themselves.  It only takes one to make a post like this on the forums and 1-9 more going me too to make it sound like there are hoards being hacked.

That doesn't mean that Poloniex or anyone else is immune from hacking, but they have a vested interest in making sure that doesn't happen.  Especially when they have had to be registered with the SEC and following money laundering rules just to operate.  Then again maybe this is just me be complacent and ignoring signs that are really are red flags.  Either way you shouldn't be putting money into investments unless you are willing to lose it all, especially if you aren't doing everything you can do to protect it.

[1714530513]

1714530513

[1714530513]

1714530513

[1714530513]

1714530513

[1714530513]

1714530513

[Peanutbutterpolka]

The hacked account started with the letter A.

Btw, polo support blamed me, case closed. However, that's not good enough. They are an American company, and I am American, and we Do have consumer protection here.

Also it looks like person number 3 has been hacked on polo.

If this isn't a warning sign to leave polo, then I don't know what is.

My working theory is that the attackers hacked polo, got a list of non 2fa, then went manually through them alphabetical.

The hacker has been able to do this for atleast a month and a half.

The hacker drained my account nearly exactly like yours by setting counter trades.

Yes polo should be able to track this, have they made any effort to call in authorities? I doubt it.

Hence, I believe they should be opened to a lawsuit.

So what letter of the alphabet are you, and is this your first name or surname?

[Jaerin]

And all of you didn't have 2FA enabled so how do you know that it was Poloniex's database that was hacked?

As I said file your complaints and lawsuits.  I see no issue with Poloniex right now other than them not forcing people to use proper security.  I am using proper security and not worried about the problems you're complaining about.  If I get bit then I'll join your lawsuit.  If you start it at least you can be the principle that will get the most gains from a victory.  All I see at this point is 3 people on an unrelated forum that claim they were hacked when all evidence points to failure to secure accounts.

[trade-and-train]

The hacked account started with the letter A.

Btw, polo support blamed me, case closed. However, that's not good enough. They are an American company, and I am American, and we Do have consumer protection here.

Also it looks like person number 3 has been hacked on polo.

If this isn't a warning sign to leave polo, then I don't know what is.

My working theory is that the attackers hacked polo, got a list of non 2fa, then went manually through them alphabetical.

The hacker has been able to do this for atleast a month and a half.

The hacker drained my account nearly exactly like yours by setting counter trades.

Yes polo should be able to track this, have they made any effort to call in authorities? I doubt it.

Hence, I believe they should be opened to a lawsuit.

So what letter of the alphabet are you, and is this your first name or surname?

what did polo say to you? I've also been hacked in the same way and funds drained its obvious something isn't right here and needs to be sorted, they're getting beyond a joke for a company that make around 10million a day they need to be more supportive to their customers, without us they wouldn't be making a penny, also how long did it take for them to reply to you? thanks

[arsat14]

Guys just to update, Poloniex has not gotten back to me despite several emails and tickets. I am thinking of filing a lawsuit
I have seen many being in the same boat, please respond below if you want to join me in this

[trade-and-train]

Guys just to update, Poloniex has not gotten back to me despite several emails and tickets. I am thinking of filing a lawsuit
I have seen many being in the same boat, please respond below if you want to join me in this

if they don't get back to me within a month i will be taking this further, their support staff is beyond a joke for a company that makes around 10 million a day! and their systems clearly aren't as safe as we may think, yes we should of used two factor and i regret not using it but its not my fault that some low life hacked my account, i never give my password to anyone nor do i use the same password for any other account i always use different one, and my laptop is secure i never download add ons or bots, so its clearly been hacked from their side!

[sachinksd]

i m doing my homework on legality of this issue & which authorities to approach As our asset is lying in USA in poloniex.so we can approach https://www.usa.gov/online-safety also i had tracked down these two I.P addresses from poloniex login history. 51.174.74.182 82.208.175.115 did anyone else also hacked via these I.P addresses ?


i had complained to the cybersecurity wings of the nations from where these I.P traced. also complaining to cybersecurity wing of USA as poloniex or our assets are in USA. RAISED A TICKET IN POLONIEX TOO. i had requested poloniex moderator to just check the timing of these unauthorised trades & they can easily check which accounts are beneficiaries at that moment. as these hackers uses those currency pairs which have almost near to nil volume. it's too easy for poloniex to trace these fraudsters. but they r not responding . so i had mailed my concern to cybersecurity wings of concerned nations. & i request all victims to do the same. also report these to twitter handle of @coindesk ‏& https://twitter.com/Cointelegraph & @themerklenews.
let us rise this issue ,otherwise how can we trust poloniex is not involved in this. take these cases to media limelight.
poloniex i had contacted u on your twitter handle too. but no response.

poloniex my ticket #299064 .

 i m starting a campaign on change.org . it's quite disturbing how a person tens thousands miles far. even doesn't know anything about me. even knows my credential to log into my poloniex account & lately i m seeing a lot of such cases all over reddit.com & net . just search " poloniex account get hacked " & see the numbers. almost 98% of these hacks happened in may,june &july 2017. it can't be a co incidence.

[sachinksd]

further i will say ,people this is not an individual problem , i had searched the whole net. extensively google searched applying time frame of past 1 month. & strangely i found people on reditt,bitcointalk & bitcoingarden complaining about hack . more suspicious is all the fraud happened within june & july2017 .
i strongly belive that polo database is either hacked or it's insider job.

i have a twitter handle too for making this more public. doing everything in my capacity.

anyone with same problem . plz put up on my twitter handle https://twitter.com/hearorbear_polo
Plz share your ticket number on this twitter handle.

[Jaerin]

Of course people are getting hacked.  No one is suggesting otherwise, but if you didn't have 2FA enabled on your account you were just asking to have everything taken.

Between malware, keyloggers, hacking other databases, getting into your email they can and will find some people's usernames and passwords.  You can easily protect yourself.  The extra 30 seconds it takes to login everytime with 2FA pales in comparison to being taken for everything you have.  But Poloniex is the steward of my account you say?  Bullshit, you are.  It costs nothing to protect yourself this way.  Use the desktop version of google authenticator if you don't have a phone, it is still far better than not having 2FA enabled at all.

[trade-and-train]

Of course people are getting hacked.  No one is suggesting otherwise, but if you didn't have 2FA enabled on your account you were just asking to have everything taken.

Between malware, keyloggers, hacking other databases, getting into your email they can and will find some people's usernames and passwords.  You can easily protect yourself.  The extra 30 seconds it takes to login everytime with 2FA pales in comparison to being taken for everything you have.  But Poloniex is the steward of my account you say?  Bullshit, you are.  It costs nothing to protect yourself this way.  Use the desktop version of google authenticator if you don't have a phone, it is still far better than not having 2FA enabled at all.

is 2FA mandatory? no i thought not and yeah we didn't have it on but thats not why we got hacked i can assure you my computer is not compromised i have had it checked by a professional, i never use the same password for anything nor do i give it to anyone so its obvious they got this information from polo! yes i feel stupid for not having 2FA but again its not mandatory so either polo should make it so or they should have better cyber security and they should insure our money in my opinion, my bank insures my money from cyber attacks as should poloniex due to the amount they're making and the amount of money thats being traded on poloniex, its a bloody joke do you have any idea how much they make from fees? yet their support takes for ever to get back to people and their servers are always messing up, they are meant to be one of the best crypto exchanges about they need to start acting like it, how're people meant to trust crypto when they can't trust the exchanges? every time an exchange gets hacked or goes down, crypto market cap drops, why? because people lose faith! they need to improve the way they run its as simple as that. yes i may of lost my money for good but I'm not letting polo get off with this its not acceptable .

[Jaerin]

Of course people are getting hacked.  No one is suggesting otherwise, but if you didn't have 2FA enabled on your account you were just asking to have everything taken.

Between malware, keyloggers, hacking other databases, getting into your email they can and will find some people's usernames and passwords.  You can easily protect yourself.  The extra 30 seconds it takes to login everytime with 2FA pales in comparison to being taken for everything you have.  But Poloniex is the steward of my account you say?  Bullshit, you are.  It costs nothing to protect yourself this way.  Use the desktop version of google authenticator if you don't have a phone, it is still far better than not having 2FA enabled at all.

is 2FA mandatory? no i thought not and yeah we didn't have it on but thats not why we got hacked i can assure you my computer is not compromised i have had it checked by a professional, i never use the same password for anything nor do i give it to anyone so its obvious they got this information from polo! yes i feel stupid for not having 2FA but again its not mandatory so either polo should make it so or they should have better cyber security and they should insure our money in my opinion, my bank insures my money from cyber attacks as should poloniex due to the amount they're making and the amount of money thats being traded on poloniex, its a bloody joke do you have any idea how much they make from fees? yet their support takes for ever to get back to people and their servers are always messing up, they are meant to be one of the best crypto exchanges about they need to start acting like it, how're people meant to trust crypto when they can't trust the exchanges? every time an exchange gets hacked or goes down, crypto market cap drops, why? because people lose faith! they need to improve the way they run its as simple as that. yes i may of lost my money for good but I'm not letting polo get off with this its not acceptable .

I'd like to see a company that gains hundreds of thousands or a million new customers a month keep up with the support load, especially one that deals with monetary transactions.  Coinbase isn't doing any better...

You're playing with huge amounts of money in an environment that literally brand new and basically completely unregulated.  There is HUGE risks involved with that.  You say that you aren't compromised because an "expert" checked your computer and yet you have no idea where the information was leaked from.  You make assumptions that it must come from Polo and yet you have no evidence.  It is just as likely that you yourself used a VPN to "hack" your own account and looking to make an insurance claim.  I'm not saying either is true or even that it didn't come from Polo, but until there is evidence of such a thing you can't say with certainty that was the case.  Malware scanning, antivirus, firewalls they can all be bypassed and if the hackers are good enough go completely undetected doing it.  Hell they may not even have done any of those things they could have social engineered the support process with other information they found out about you and made Poloniex support think that it was a legit request coming from you.  Until you have evidence then you have no idea.  Saying that Poloniex was definitely hacked is just as much spreading FUD as the other things you claim.  All the while the people who are smart enough to understand cyber security are getting along just fine.

And yes I think that Poloniex should make 2FA authentication a mandatory requirement, but that doesn't let you off the hook for not using it.

[trade-and-train]

Of course people are getting hacked.  No one is suggesting otherwise, but if you didn't have 2FA enabled on your account you were just asking to have everything taken.

Between malware, keyloggers, hacking other databases, getting into your email they can and will find some people's usernames and passwords.  You can easily protect yourself.  The extra 30 seconds it takes to login everytime with 2FA pales in comparison to being taken for everything you have.  But Poloniex is the steward of my account you say?  Bullshit, you are.  It costs nothing to protect yourself this way.  Use the desktop version of google authenticator if you don't have a phone, it is still far better than not having 2FA enabled at all.

is 2FA mandatory? no i thought not and yeah we didn't have it on but thats not why we got hacked i can assure you my computer is not compromised i have had it checked by a professional, i never use the same password for anything nor do i give it to anyone so its obvious they got this information from polo! yes i feel stupid for not having 2FA but again its not mandatory so either polo should make it so or they should have better cyber security and they should insure our money in my opinion, my bank insures my money from cyber attacks as should poloniex due to the amount they're making and the amount of money thats being traded on poloniex, its a bloody joke do you have any idea how much they make from fees? yet their support takes for ever to get back to people and their servers are always messing up, they are meant to be one of the best crypto exchanges about they need to start acting like it, how're people meant to trust crypto when they can't trust the exchanges? every time an exchange gets hacked or goes down, crypto market cap drops, why? because people lose faith! they need to improve the way they run its as simple as that. yes i may of lost my money for good but I'm not letting polo get off with this its not acceptable .

I'd like to see a company that gains hundreds of thousands or a million new customers a month keep up with the support load, especially one that deals with monetary transactions.  Coinbase isn't doing any better...

You're playing with huge amounts of money in an environment that literally brand new and basically completely unregulated.  There is HUGE risks involved with that.  You say that you aren't compromised because an "expert" checked your computer and yet you have no idea where the information was leaked from.  You make assumptions that it must come from Polo and yet you have no evidence.  It is just as likely that you yourself used a VPN to "hack" your own account and looking to make an insurance claim.  I'm not saying either is true or even that it didn't come from Polo, but until there is evidence of such a thing you can't say with certainty that was the case.  Malware scanning, antivirus, firewalls they can all be bypassed and if the hackers are good enough go completely undetected doing it.  Hell they may not even have done any of those things they could have social engineered the support process with other information they found out about you and made Poloniex support think that it was a legit request coming from you.  Until you have evidence then you have no idea.  Saying that Poloniex was definitely hacked is just as much spreading FUD as the other things you claim.  All the while the people who are smart enough to understand cyber security are getting along just fine.

And yes I think that Poloniex should make 2FA authentication a mandatory requirement, but that doesn't let you off the hook for not using it.

yes they have gained more customers but this is something they should of been prepared for or at least had some kind of plan ready for when/if it happened which clearly they didn't, and theyre not getting millions of people a month at all! couple hundred thousand tops maybe, and do you really think all these new comers are all going to use 2FA no i think not and with all the extra money polo are getting due to all these new customers they have even more money to fund their support department, at least coinbase support is actually replying to people, i really don't think you understand why people are so hacked off! I'm hacked off because i lost my money yes of course if i get it back thats great if not i live and i learn, obviously i hope to get it back but I'm not counting on it, but do you know the real reason people are hacked off is because poloniex isn't getting back to anyone thats been hacked nor have they stopped the hacker nor have they mentioned it at all!! if they got back to me to at least let me know whats going on i wouldn't mind as much! but people have gone months without a reply, its not like someone wants a general question answered, my bloody account has been compromised you think they would priorities don't you?, and as for i have no proof, have you seen how many people this has been happening too? ahah its not just a couple of people my friend its a lot, hundreds of thousands have been taking from people, i don't need proof if poloniex was to actually do something about it they could track down the accounts and figure out who's account is behind this all, have they done this nope! people are still getting hacked! you can blame us all you like but the truth is its down to some low life who clearly can't earn money so he/she has to take it from others who have worked for it! it seems to me that the information is coming from polo, its not happened to any other exchange and as i said the password i used for poloniex is one of a kind and only ever used on one devise, keep denying it all you like my friend all i say is be careful yes i made a mistake and I'm kicking myself for it believe me ahah I've been saying to myself for ages i need to get 2FA now i regret it, i have been trading crypto for over 3 years this is the first problem I've had, i normally suggest poloniex to a lot of people as i have over a thousand followers online and in groups, like I've said if i get my money back thats great if not thats life and i have to take some blame for this i understand that, but for you to come here and just purely blame everyone because they didn't have an extra security step activate is very low of you in my opinion, these people want helpful information not someone kicking them while theyre down!

[MySeriousFaceIsOn]

My _______________________ and I believe I am entitled to sympathy and recourse because _______________________.

A: Account got hacked / I refused every recommendation from everyone who knew what they were doing and didn't use 2FA.
B: Child died from Polio / I refused every recommendation from everyone who knew what they were doing and continued to believe that vaccines cause autism.

[Jaerin]

yes they have gained more customers but this is something they should of been prepared for or at least had some kind of plan ready for when/if it happened which clearly they didn't, and theyre not getting millions of people a month at all! couple hundred thousand tops maybe, and do you really think all these new comers are all going to use 2FA no i think not and with all the extra money polo are getting due to all these new customers they have even more money to fund their support department, at least coinbase support is actually replying to people, i really don't think you understand why people are so hacked off! I'm hacked off because i lost my money yes of course if i get it back thats great if not i live and i learn, obviously i hope to get it back but I'm not counting on it, but do you know the real reason people are hacked off is because poloniex isn't getting back to anyone thats been hacked nor have they stopped the hacker nor have they mentioned it at all!! if they got back to me to at least let me know whats going on i wouldn't mind as much! but people have gone months without a reply, its not like someone wants a general question answered, my bloody account has been compromised you think they would priorities don't you?, and as for i have no proof, have you seen how many people this has been happening too? ahah its not just a couple of people my friend its a lot, hundreds of thousands have been taking from people, i don't need proof if poloniex was to actually do something about it they could track down the accounts and figure out who's account is behind this all, have they done this nope! people are still getting hacked! you can blame us all you like but the truth is its down to some low life who clearly can't earn money so he/she has to take it from others who have worked for it! it seems to me that the information is coming from polo, its not happened to any other exchange and as i said the password i used for poloniex is one of a kind and only ever used on one devise, keep denying it all you like my friend all i say is be careful yes i made a mistake and I'm kicking myself for it believe me ahah I've been saying to myself for ages i need to get 2FA now i regret it, i have been trading crypto for over 3 years this is the first problem I've had, i normally suggest poloniex to a lot of people as i have over a thousand followers online and in groups, like I've said if i get my money back thats great if not thats life and i have to take some blame for this i understand that, but for you to come here and just purely blame everyone because they didn't have an extra security step activate is very low of you in my opinion, these people want helpful information not someone kicking them while theyre down!

Coinbase's GDAX put on 1 million customers in a month.  What happened?  Oh yeah flash crash just like Polo had a couple months ago.  You're dealing with financial transactions which means you need to vet those support people and train them to make sure they don't send your coins into oblivion or give your coins to any dickwad that puts in a support ticket.  Work in a support department for 20 years like I have and see how long it takes to spin up new good people and how money doesn't really factor into the equation.  As for a plan, I doubt any company could predict that next month they are going to take on hundreds of thousands of new customers and be able to respond in kind.  Maybe they could, but you're talking about likely hiring hundreds of more support people and trying to train them.  Which means that at 20 people a class you're going to need 10's of trainers and 10's of managers and 10's of more HR people to handle all the benefits and payroll.  All those people need training and time to get acclimated to the systems.  That's if Poloniex even has that many people it CAN hire in an economy that has 4.4% unemployment.  But you know they have all this money and can just clone new people because that's how the world works.  Take some personal responsibility instead of blaming something you obviously don't understand.

We get it you're pissed because you did something stupid and now you're paying for it.  Poloniex should respond, but the fact of the matter is you left yourself vulnerable.  As I've said in my posts before by all means sue them into oblivion if you think you have the proof to do it.  Otherwise wait patiently for a response to your support ticket.  I guarantee that you'll get a response from that before you get a settlement or answer from your lawsuit.  Until then spouting off on a forum about how it's all Poloniex's fault when you knowingly left yourself vulnerable isn't going to get you anywhere.

As for the number of people getting hacked I've seen like what?  3-4 on here claiming that, not hundreds of thousands.  As for whether that million customers will use 2FA it doesn't matter, the fact is YOU didn't.  If they don't and they get hacked then that is on them not you or me.  Honestly I hope you get your money back, but the fact is you played in waters you obviously didn't understand and I hope you learned your lesson.  You sound exactly like the people who had their World of Warcraft accounts hacked for years because they didn't use 2FA too and that was just a stupid game account.  I've been hacked before and it hurt, but I learned from it.  This is why I'm telling you to take some responsibility for YOUR mistake.  Maybe Poloniex will help you, maybe they won't, but in the end the responsibility is still yours because YOU took the risks not Poloniex.

There is a reason people say don't leave money on the exchanges.  Always put it into cold storage.  Keep your crypto safe.  Why?  Because they want to see you have to jump through 10 hoops to trade your money?  NO because they got burned and don't want you too.  As I said hopefully you've learned your lesson and I'm sorry you lost your money.

[trade-and-train]

yes they have gained more customers but this is something they should of been prepared for or at least had some kind of plan ready for when/if it happened which clearly they didn't, and theyre not getting millions of people a month at all! couple hundred thousand tops maybe, and do you really think all these new comers are all going to use 2FA no i think not and with all the extra money polo are getting due to all these new customers they have even more money to fund their support department, at least coinbase support is actually replying to people, i really don't think you understand why people are so hacked off! I'm hacked off because i lost my money yes of course if i get it back thats great if not i live and i learn, obviously i hope to get it back but I'm not counting on it, but do you know the real reason people are hacked off is because poloniex isn't getting back to anyone thats been hacked nor have they stopped the hacker nor have they mentioned it at all!! if they got back to me to at least let me know whats going on i wouldn't mind as much! but people have gone months without a reply, its not like someone wants a general question answered, my bloody account has been compromised you think they would priorities don't you?, and as for i have no proof, have you seen how many people this has been happening too? ahah its not just a couple of people my friend its a lot, hundreds of thousands have been taking from people, i don't need proof if poloniex was to actually do something about it they could track down the accounts and figure out who's account is behind this all, have they done this nope! people are still getting hacked! you can blame us all you like but the truth is its down to some low life who clearly can't earn money so he/she has to take it from others who have worked for it! it seems to me that the information is coming from polo, its not happened to any other exchange and as i said the password i used for poloniex is one of a kind and only ever used on one devise, keep denying it all you like my friend all i say is be careful yes i made a mistake and I'm kicking myself for it believe me ahah I've been saying to myself for ages i need to get 2FA now i regret it, i have been trading crypto for over 3 years this is the first problem I've had, i normally suggest poloniex to a lot of people as i have over a thousand followers online and in groups, like I've said if i get my money back thats great if not thats life and i have to take some blame for this i understand that, but for you to come here and just purely blame everyone because they didn't have an extra security step activate is very low of you in my opinion, these people want helpful information not someone kicking them while theyre down!

Coinbase's GDAX put on 1 million customers in a month.  What happened?  Oh yeah flash crash just like Polo had a couple months ago.  You're dealing with financial transactions which means you need to vet those support people and train them to make sure they don't send your coins into oblivion or give your coins to any dickwad that puts in a support ticket.  Work in a support department for 20 years like I have and see how long it takes to spin up new good people and how money doesn't really factor into the equation.  As for a plan, I doubt any company could predict that next month they are going to take on hundreds of thousands of new customers and be able to respond in kind.  Maybe they could, but you're talking about likely hiring hundreds of more support people and trying to train them.  Which means that at 20 people a class you're going to need 10's of trainers and 10's of managers and 10's of more HR people to handle all the benefits and payroll.  All those people need training and time to get acclimated to the systems.  That's if Poloniex even has that many people it CAN hire in an economy that has 4.4% unemployment.  But you know they have all this money and can just clone new people because that's how the world works.  Take some personal responsibility instead of blaming something you obviously don't understand.

We get it you're pissed because you did something stupid and now you're paying for it.  Poloniex should respond, but the fact of the matter is you left yourself vulnerable.  As I've said in my posts before by all means sue them into oblivion if you think you have the proof to do it.  Otherwise wait patiently for a response to your support ticket.  I guarantee that you'll get a response from that before you get a settlement or answer from your lawsuit.  Until then spouting off on a forum about how it's all Poloniex's fault when you knowingly left yourself vulnerable isn't going to get you anywhere.

As for the number of people getting hacked I've seen like what?  3-4 on here claiming that, not hundreds of thousands.  As for whether that million customers will use 2FA it doesn't matter, the fact is YOU didn't.  If they don't and they get hacked then that is on them not you or me.  Honestly I hope you get your money back, but the fact is you played in waters you obviously didn't understand and I hope you learned your lesson.  You sound exactly like the people who had their World of Warcraft accounts hacked for years because they didn't use 2FA too and that was just a stupid game account.  I've been hacked before and it hurt, but I learned from it.  This is why I'm telling you to take some responsibility for YOUR mistake.  Maybe Poloniex will help you, maybe they won't, but in the end the responsibility is still yours because YOU took the risks not Poloniex.

There is a reason people say don't leave money on the exchanges.  Always put it into cold storage.  Keep your crypto safe.  Why?  Because they want to see you have to jump through 10 hoops to trade your money?  NO because they got burned and don't want you too.  As I said hopefully you've learned your lesson and I'm sorry you lost your money.

Poloniex has been around for years one of the longest going exchanges i know, they've had plenty of time to put together a plan my friend theyre a company dealing with revolutionary tech, and I'm sure most business have plans in place for things like this, most companies don't just wing it with no plan ahah, but poloniex could at least keep people up to date with whats going on, look you clearly didn't read my reply very well and just jumped on the keyboard and started the blame game again ahah I've already said if you look back and re read it, i take responsibility for not using 2FA for sure i should of used it am i looking for sympathy? no i would go cry on my mums shoulder if that was the case ahah, all I'm looking for is bloody reply from poloniex or some kind of response online insuring people theyre dealing with the problems I'm not asking for the world on a plate, any professional company would have done a statement by now, and again your second paragraph is purely a joke here is why, okay I'm going over to America soon should i bring a bullet proof vest with me to protect myself from being shot? because i mean if i don't wear one its clearly all my fault if i get shot because i left my self vulnerable?. again i take responsibility for not using the 2fa but as for my personal info, to ME it seems like its been from their side, we post this stuff online not for people like you to come along and not be helpful at all but to warn others that they should be more secure so it don't happen to them and in hope that poloniex sees the problem at hand and speeds it up, 2-3 yes just on this chat there is about 20 people that i know of that its happened to, some with 30kplus other with nothing in their account but account still been compromised, this is why to me it seems that they have been working through some kind of list, personal opinion but it happened to my friends account he had nothing in their and never used it once apart from setting up so the password was never used nor compromised he went to log in a week back as i mentioned it and he's been locked out his account? all I'm saying is something seems a bit strange and we just want reassuring as to whats going on, and look i agree with your last paragraph completely but understand this, I've gradually built my portfolio up to a large amount (large to me) over the past 6 months, last month i applied for my withdraw limit to be upped so i can withdraw most of the money into a hard wallet, i waited over 3 weeks and still it had no been upped so i started to take it out bit by bit but then bam got hacked before i could get it all off. i agree all we can do is wait but its the waiting thats the worse part about this all ahah

[arsat14]

My chain of communication with Poloniex

-----------------------------------------------------------------------------------------------
Hi xxxx,

I am very sorry that this has happened to you, however we have not had any breach of security on our side and this incident is specific to your individual account.  We can not be held responsible for any breach where the attacker has used your login details to gain access to your account.
 
Your greatest risk is an account breach due to your login credentials being stolen through phishing or social engineering, which is most likely the case here. This is why it is so important to have 2FA enabled on your account. Also critical: the email address the account is registered under needs to be carefully protected as well, including a unique password and 2FA. Ideally, these accounts should be accessed either from a dedicated computer or a computer that is used for as little else as possible. Any sort of remote access software, such as Team Viewer or VNC, should be completely removed.
 
It is not possible to reverse trades and if the funds have already since left our system/been withdrawn then unfortunately they will be gone forever due to the nature of blockchain technology.

Our compliance team are investigating this particular matter however and if it surfaces that we can recover any or all of your funds then we would indeed inform you of this in due course.

Thank you for understanding.


Best regards,

Kevin
Poloniex Support

Ticket: https://poloniex.freshdesk.com/helpdesk/tickets/271818


B
xxxx, said 4 days ago
Thanks Kevin,

Please let me know how long will it take for your compliance team to investigate this particular matter. Also please send me the evidence of who traded against me (the thief) and the evidence if the funds have since left the system. And if the funds have not left the exchange have you made any effort to block the thief's account and recover my funds. I would need all that information in the legal proceedings to follow. 

I did not have any security breach at my end and all my passwords Were secure. At the end of the day I have been a victim of a crime and exchange should do all it can to recover funds.

Thanks,

xxx
K
Kevin, said 4 days ago
Hi xxx,

First of all, your account details were not leaked by us. We have never had any data breach on our system. This has arisen from the attacker knowing your login details, most likely due to phishing or social engineering, or possibly even something so simple as a malicious browser extension.

With regards to your request, unfortunately we cannot disclose details of an account to a 3rd party without a subpoena from law enforcement.


Best regards,

Kevin
Poloniex Support

[trade-and-train]

My chain of communication with Poloniex

-----------------------------------------------------------------------------------------------
Hi xxxx,

I am very sorry that this has happened to you, however we have not had any breach of security on our side and this incident is specific to your individual account.  We can not be held responsible for any breach where the attacker has used your login details to gain access to your account.
 
Your greatest risk is an account breach due to your login credentials being stolen through phishing or social engineering, which is most likely the case here. This is why it is so important to have 2FA enabled on your account. Also critical: the email address the account is registered under needs to be carefully protected as well, including a unique password and 2FA. Ideally, these accounts should be accessed either from a dedicated computer or a computer that is used for as little else as possible. Any sort of remote access software, such as Team Viewer or VNC, should be completely removed.
 
It is not possible to reverse trades and if the funds have already since left our system/been withdrawn then unfortunately they will be gone forever due to the nature of blockchain technology.

Our compliance team are investigating this particular matter however and if it surfaces that we can recover any or all of your funds then we would indeed inform you of this in due course.

Thank you for understanding.


Best regards,

Kevin
Poloniex Support

Ticket: https://poloniex.freshdesk.com/helpdesk/tickets/271818


B
xxxx, said 4 days ago
Thanks Kevin,

Please let me know how long will it take for your compliance team to investigate this particular matter. Also please send me the evidence of who traded against me (the thief) and the evidence if the funds have since left the system. And if the funds have not left the exchange have you made any effort to block the thief's account and recover my funds. I would need all that information in the legal proceedings to follow. 

I did not have any security breach at my end and all my passwords Were secure. At the end of the day I have been a victim of a crime and exchange should do all it can to recover funds.

Thanks,

xxx
K
Kevin, said 4 days ago
Hi xxx,

First of all, your account details were not leaked by us. We have never had any data breach on our system. This has arisen from the attacker knowing your login details, most likely due to phishing or social engineering, or possibly even something so simple as a malicious browser extension.

With regards to your request, unfortunately we cannot disclose details of an account to a 3rd party without a subpoena from law enforcement.


Best regards,

Kevin
Poloniex Support

thats completely and utterly bulls"it, they have the power to freeze any account they like and they can easily track down who's account was doing this and freeze it, it seems to me they don't care about what this hacker is doing.

[arsat14]

My chain of communication with Poloniex

-----------------------------------------------------------------------------------------------
Hi xxxx,

I am very sorry that this has happened to you, however we have not had any breach of security on our side and this incident is specific to your individual account.  We can not be held responsible for any breach where the attacker has used your login details to gain access to your account.
 
Your greatest risk is an account breach due to your login credentials being stolen through phishing or social engineering, which is most likely the case here. This is why it is so important to have 2FA enabled on your account. Also critical: the email address the account is registered under needs to be carefully protected as well, including a unique password and 2FA. Ideally, these accounts should be accessed either from a dedicated computer or a computer that is used for as little else as possible. Any sort of remote access software, such as Team Viewer or VNC, should be completely removed.
 
It is not possible to reverse trades and if the funds have already since left our system/been withdrawn then unfortunately they will be gone forever due to the nature of blockchain technology.

Our compliance team are investigating this particular matter however and if it surfaces that we can recover any or all of your funds then we would indeed inform you of this in due course.

Thank you for understanding.


Best regards,

Kevin
Poloniex Support

Ticket: https://poloniex.freshdesk.com/helpdesk/tickets/271818


B
xxxx, said 4 days ago
Thanks Kevin,

Please let me know how long will it take for your compliance team to investigate this particular matter. Also please send me the evidence of who traded against me (the thief) and the evidence if the funds have since left the system. And if the funds have not left the exchange have you made any effort to block the thief's account and recover my funds. I would need all that information in the legal proceedings to follow. 

I did not have any security breach at my end and all my passwords Were secure. At the end of the day I have been a victim of a crime and exchange should do all it can to recover funds.

Thanks,

xxx
K
Kevin, said 4 days ago
Hi xxx,

First of all, your account details were not leaked by us. We have never had any data breach on our system. This has arisen from the attacker knowing your login details, most likely due to phishing or social engineering, or possibly even something so simple as a malicious browser extension.

With regards to your request, unfortunately we cannot disclose details of an account to a 3rd party without a subpoena from law enforcement.


Best regards,

Kevin
Poloniex Support

thats completely and utterly bulls"it, they have the power to freeze any account they like and they can easily track down who's account was doing this and freeze it, it seems to me they don't care about what this hacker is doing.

Thats true, I sent them a screen shot of trading graph and exact time of the attack, on the very illiquid pair. They still have not investigated this from the looks of it! totally outrageous

[trade-and-train]

My chain of communication with Poloniex

-----------------------------------------------------------------------------------------------
Hi xxxx,

I am very sorry that this has happened to you, however we have not had any breach of security on our side and this incident is specific to your individual account.  We can not be held responsible for any breach where the attacker has used your login details to gain access to your account.
 
Your greatest risk is an account breach due to your login credentials being stolen through phishing or social engineering, which is most likely the case here. This is why it is so important to have 2FA enabled on your account. Also critical: the email address the account is registered under needs to be carefully protected as well, including a unique password and 2FA. Ideally, these accounts should be accessed either from a dedicated computer or a computer that is used for as little else as possible. Any sort of remote access software, such as Team Viewer or VNC, should be completely removed.
 
It is not possible to reverse trades and if the funds have already since left our system/been withdrawn then unfortunately they will be gone forever due to the nature of blockchain technology.

Our compliance team are investigating this particular matter however and if it surfaces that we can recover any or all of your funds then we would indeed inform you of this in due course.

Thank you for understanding.


Best regards,

Kevin
Poloniex Support

Ticket: https://poloniex.freshdesk.com/helpdesk/tickets/271818


B
xxxx, said 4 days ago
Thanks Kevin,

Please let me know how long will it take for your compliance team to investigate this particular matter. Also please send me the evidence of who traded against me (the thief) and the evidence if the funds have since left the system. And if the funds have not left the exchange have you made any effort to block the thief's account and recover my funds. I would need all that information in the legal proceedings to follow. 

I did not have any security breach at my end and all my passwords Were secure. At the end of the day I have been a victim of a crime and exchange should do all it can to recover funds.

Thanks,

xxx
K
Kevin, said 4 days ago
Hi xxx,

First of all, your account details were not leaked by us. We have never had any data breach on our system. This has arisen from the attacker knowing your login details, most likely due to phishing or social engineering, or possibly even something so simple as a malicious browser extension.

With regards to your request, unfortunately we cannot disclose details of an account to a 3rd party without a subpoena from law enforcement.


Best regards,

Kevin
Poloniex Support

thats completely and utterly bulls"it, they have the power to freeze any account they like and they can easily track down who's account was doing this and freeze it, it seems to me they don't care about what this hacker is doing.

Thats true, I sent them a screen shot of trading graph and exact time of the attack, on the very illiquid pair. They still have not investigated this from the looks of it! totally outrageous

its beyond a joke. I've just updated my ticket to tell them my password was one of a kind, never used anywhere else, i never give my password to anyone, don't write it down anywhere, and Is used on a secure devise. if they was to actually bother they could freeze his/her account and recover the funds, they just can't be bothered. i still think these exchanges should insure everyones funds for such things, i would happily pay a monthly fee if they did such thing.

[spngebob]

That is lots of money to keep in exchange without 2fa. Why did you keep your money in exchange anyway? It's not wallet, coins are not yours when they are in it.

With regards to your request, unfortunately we cannot disclose details of an account to a 3rd party without a subpoena from law enforcement.

I don't see any other thing to do than what Kevin said you to do indirectly.