YES!!! Cryptopia withdrew all my BTC balance on their exchange without my approval to an unknown BTC address, without even any notification.
I was waiting for a response for more than a week, and after that I got a response with their sorry words without any proof of evidence, just like this:
Thanks for waiting for us to get back to you about this.
I'm sincerely sorry to see this has happened to you. I've completed my investigation into this and can see that your account was actually accessed by another person - IP address 189.40.105.95. This IP address appears to originate from Brazil. We are absolutely certain there have been no user credentials leaked from Cryptopia, and if yours are known to someone else, they must have been obtained from activity or information of your own.
Your account was accessed by this IP address at 3/7/2018 2:40 AM(UTC), and then a minute after that, everything was withdrawn to the address 1HU7vN7dmsX2Et8RjCSwP1dhDyE49emr5k. Unfortunately, this is not a Cryptopia held address so we cannot freeze it to try and recover these funds. As this withdrawal has made it to the blockchain, there isn't anything we're able to do to reverse it, due to the nature of the blockchain itself. You can see this here:
https://blockchain.info/tx/de96cf30119fa3c295fa0794fd6a0036acc6f21479de047d4d04d6f095512558
The withdrawal was also confirmed via an email sent to your registered email address according to our systems, so you should consider that account compromised as well. You may not have received this email if your Withdraw confirmation email had been disabled when you were compromised, then re-enabled afterwards via the Security page at
https://www.cryptopia.co.nz/Security.
Unfortunately we’re unable to determine from our end how your email account was compromised, however the most common form we are seeing in these investigations is when the corresponding email address shows up on reported data leaks, and/or is being used for other internet services.
All Cryptopia accounts start with a static 4-8 digit Two Factor PIN number by default, which you set on registration along with your email address and password. This PIN is only a simple form of 2FA, and it’s highly recommended you set up a more secure type of 2FA once you’ve logged into your account. The most secure forms of 2FA are dynamic codes, such as Google Authenticator and our Cryptopia Authenticator Device.
From the Security settings for your Account, you can change your 2FA settings to your choice for each activity field on Cryptopia. Please note that you need to remove your current 2FA setting for each activity before you can select and apply other types. 2FA is set for Login as well as a number of other account activities by default: Settings (Security), Lockout, Withdraw, Transfer, and Tip. You will need to enter your 2FA code each time you attempt to access any of these functions while 2FA is applied on them. If you use a static form of 2FA (PIN, Password, Security Question) please set this to something unique you do not use for anything else.
At this stage I recommend changing your email password immediately. It’s very important you use an email provider which supports 2FA on your email account. Please check if your current provider supports 2FA and enable it if so. If your current email provider does not support 2FA, we suggest you look into finding a provider which does support it, and you can then request Cryptopia Support to change your registered email address in a new support ticket. For extra security, we recommend that users of Cryptopia have a dedicated email address that's only used for Cryptopia related activity.
Much of your information, and access to other accounts, can be gained with access to your email account, so please ensure yours is secure.
A number of important emails may be sent from Cryptopia to your registered email address with information relating to activity on your account, such as logins, failed login attempts, withdraw confirmations. They often include links giving you the ability to quickly lock your account for a 24 hour period if you receive notification of activity that wasn’t made by you.
Another important thing to note is that there are always phishing scams going on which disguise themselves as Cryptopia. We get these taken down as soon as we find them, however I would advise being very vigilant in that regard all the same. I would strongly recommend visiting
https://www.cryptopia.co.nz/Forum/Thread/5153, we try and keep this as up to date as possible. This goes into detail about the various scams that we've identified who are pretending to be Cryptopia and provides some examples you can have a look at to determine whether or not your details may have been compromised via one of these sites.
Please use caution to avoid using any unauthorised websites, apps, or search results which impersonate Cryptopia. Your login credentials should NEVER be used anywhere except on our securely signed site with a certificate from Cryptopia LTD [NZ]:
https://www.cryptopia.co.nz
I can definitely appreciate that this is not the nicest way to learn about account security, and again, I'm sincerely sorry for your loss.
Kind regards,
Cryptopia Support