I never got email from bitmain about this. Yesterday I got an email saying there is an unusual activity on my account. I checked the website and saw that my 2FA is not working and was not able to login. I checked it from my smartphone app and I see that all my 'hash' is sold and there are thousands of transaction on my account. What is the point of having 2FA if someone can login just with stolen passwords? Who the hell stores encrypted passwords anyway?
I have contacted support but they haven't replied so far. Please help... I had 5 BTC worth of hash-power rented from them. There has to be a way I can hold them accountable.
Yes you can they should reimbese any losses if you had 2FA active and its been turned off by someone and they were hacked they have a responsibility to deal with it and cover any losses that are accumulted by the customer. They should be able to look at the IP that logged in and see that it not the same as your one also they might have a browser user agent logger that would show if it was the same browser that was used.
Bitmain did not contact me regarding this either I found out via a forum post about it.
Message them and make them aware that your account has been compromised and your 2fa was also effected..
I also agree why would such a company store un-encryped passwords in there database? They should be hashing them and and salt. Totaly unacceptable behaviour from a company of this scale.