Bitmain Hacked - Change all your gambling site passwords

[adaseb]

Apparently Bitmain got hacked a day or so ago and I am getting email alerts from different services and gambling sites that there was attempted unauthorized accesses.

Just like the Bitcointalk hack a few years back, these hackers are trying to gain access to any and all Bitcoin related services like exchanges, wallets and most likely also gambling sites.

So if you used the same password and had no 2FA enabled you are at risk...

[1714182660]

1714182660

[1714182660]

1714182660

[MinerHQ]

If accounts don't have any funds then it is still fine but remember to active your 2fa function before depositing your funds to any online sites. If fail to do so then you may lose your funds. These hack activities have become more so protect all your online accounts with security features provided all the sites.

[gon]

Just read about it...

Here is the link, if somebody wants to read more: https://www.reddit.com/r/Bitcoin/comments/6v38o5/bitmain_confirmed_being_hacked/

I'm start changing passes.

[adaseb]

Just read about it...

Here is the link, if somebody wants to read more: https://www.reddit.com/r/Bitcoin/comments/6v38o5/bitmain_confirmed_being_hacked/

I'm start changing passes.

You don't need to change any passes if all your passes were unique.

They basicallly sent out the worst warning email ever and not much info.

No idea if people's addresses were leaked since people used the same accounts to order Antminers. They aren't disclosing much.

[rortan75]

Doesent seem so bad. You are safe if you're using 2 fa.

[piloder]

Oh that is a big blow but I don't have any account there and also I have activated 2fa in almost all of my important accounts already so hope I will be in safe side  

Data breach includes user data, including encrypted passwords, email addresses and phone numbers.

If they have strongly encrypted users password when storing in their server than I think hacker might not gain access to user passwords. Am I wrong?

[Vaskiy]

Doesent seem so bad. You are safe if you're using 2 fa.

Enabling 2FA will provide added security to your account. It's good to make your accounts with the maximum security. If there is no incorporated wallet then minimal security is enough. Because even if one penetrate, he can't make use of the funds.

[panjul07]

Just noticed about this news as I received to email from two different exchange sites that my account is locked due to too many failed login attempts. Luckily both accounts are not active anymore and I dont have any balance there. But seems that all my gambling accounts are safe as I have not received any emails about failed login attempts. Of course I will check one by one to make sure that everything is OK.

[lite]

Never used bitmain site. i always use different email/password on exchanges/gambling sites and 2fa is always enabled.

Data breach includes user data, including encrypted passwords, email addresses and phone numbers.

If they have strongly encrypted users password when storing in their server than I think hacker might not gain access to user passwords. Am I wrong?

They can crack the encrypted password by brute force.

[adaseb]

Oh that is a big blow but I don't have any account there and also I have activated 2fa in almost all of my important accounts already so hope I will be in safe side  

Data breach includes user data, including encrypted passwords, email addresses and phone numbers.

If they have strongly encrypted users password when storing in their server than I think hacker might not gain access to user passwords. Am I wrong?

The email and phone number is a big problem. If you use an exchange such as Coinbase or Gemini or CEX, if someone knows your phone number they can get your 2FA if you are using Authy.

With your email AND phone number they can easily reset any password and even reset your Authy.

This is a huge problem

[Slark]

Wha would have thought that even the giants of crypto business like Bitmain are vulnerable to hacking.
I guess they are really stingy and don't want to pay anyone to test their protection, and here we see the effect.
Just remember, if you bitmain password is unique, you don't need to change passwords for your other services, emails, accounts etc.

[AmoreJaz]

i always used a basic rule of thumb.. for each and every website i use a different and very complex password.but this does explain why i have had about 10 different red flag sign in attempts is several different websites! all failed  but the attempt was there !
so lock down your  access codes and make sure your passwords are changed and safe!

[RealPhotoshoper]

Doesent seem so bad. You are safe if you're using 2 fa.

Indeed you are safe with 2fa attached but it is annoying to get a warning email about failure attempt to login to your account.
Better to change your password to another one , unless if you feel okay to receive the same warning over and over again.
I got a lot of warning since bitcointalk get compromised and now it is happened again , i suggest to change the password really it is annoying.

[Kakmakr]

Save yourself a lot of problems and NEVER re-use passwords for different sites. Make these passwords unique to every site and if you cannot remember them, just write them down and store it in a safe place. If one site is compromised, your accounts on other sites will not be influenced.

We have been saying this for years now and people are still doing this. Lazy people will have to learn from their mistakes.

I never re-use passwords and I also change the passwords for my accounts on different sites regularly, because this is standard practice. < or it should be >

[daemol]

Apparently Bitmain got hacked a day or so ago and I am getting email alerts from different services and gambling sites that there was attempted unauthorized accesses.

I am not surprised. That fits the image on rage for bigger blocksize. Everything is just about profit, nothing's about security.

[Barcode_]

It is never a good choice to use the same passwords for all of the sites that you are registered with, and this was one of the main reason, once a site got hacked and if the customer information are being stolen by the hackers in the process, the hackers might have a chance to access the other sites which you are registered with if you use the same password.

It is also better to change your password once in a few months on the site that you frequently visit, and also enabling 2fa is a good way to safeguard your account and balances.

[Oilacris]

It is never a good choice to use the same passwords for all of the sites that you are registered with, and this was one of the main reason, once a site got hacked and if the customer information are being stolen by the hackers in the process, the hackers might have a chance to access the other sites which you are registered with if you use the same password.

It is also better to change your password once in a few months on the site that you frequently visit, and also enabling 2fa is a good way to safeguard your account and balances.

This is why i dont use repetitive passwords on any accounts that ive made because if you use the same passwords or log-in information on various sites then chances of getting hacked would really be high compared on having different information anytime.This is why im not really bit worried on this kind of hacking incidents because im confident that i wont be easily be hacked by someone.

[poordeveloper]

Thanks a lot for the warning.

[lite]

Oh that is a big blow but I don't have any account there and also I have activated 2fa in almost all of my important accounts already so hope I will be in safe side  

Data breach includes user data, including encrypted passwords, email addresses and phone numbers.

If they have strongly encrypted users password when storing in their server than I think hacker might not gain access to user passwords. Am I wrong?

The email and phone number is a big problem. If you use an exchange such as Coinbase or Gemini or CEX, if someone knows your phone number they can get your 2FA if you are using Authy.

With your email AND phone number they can easily reset any password and even reset your Authy.

This is a huge problem

By reset you mean getting all the 2fa codes? that'll happen only when one enables multi-device feature, one can always disable that feature and stay safe from sms/call based authy recovery.

[poordeveloper]

Also they can try to convince companies that they're the rightful owners of any account, combined with other information. It is for sure dangerous for that information to be in the wrong hands.