Lost 26.52 BTC from my blockchain.info wallet. Should blockchain compensate?

[kevin486]

2013-Sep-20, I didn't know how and why someone transferred totally around 26.52 Bitcoin from my wallet, the attacker's bitcoin address is: 1N7hSTk7BacngYqPwCvnvbce6JQ6ts9tnq and the transaction IDs are: 1d74d1a0a024842ad311c5af1f968c5f5785e2a81002c5474e574e8f87e90ea6 and 06f0c106bf885b953f1d3c5f5ef205eb57ebbe7626a4b27912af275d1073f5e6

This happened on 2013-Sep-20, that time my password had the pass strength like "GREHYGU758", I associated my email and mobile phone with my blockchain account, but I didn't not enable the google 2FA.

I didn't claim this case to blockchain that time, because I thought it's because of I didn't enable the google 2FA, and my password was not very strong, I that time, I thought it's completely my responsibility. However, as I recently studied in other similar cases in which customers loose bitcoin in on platform, and platform shared the responsibility, I realized that I need to contact blockchain, and claim my loss with your platform.

Reasons are:

1. blockchain should have a mechanism to stop brute password attacking.

2. My mobile phone number and email were associated with my account, I didn't received any alert nor verification about the transaction.

I am not claiming the lost of bitcoin, the my stolen 26.52 bitcoin worths around 3500 USD, I believe blockchain need to share the responsible for the value of that time,3500 USD.

I trust blockchain.info, I continued to use my blockchain wallet after changing my password and enabling 2FA. But I when I thought about this case, it really makes me feel sad, I hope blockchain could compensate.

[roslinpl]

if this was really your account maybe someone just get yours backups...

Someone don't need to bruteforce your blockchain.info password ...

You should keep your backups safe, perhaps you had some on your e-mail, so someone could hack into your e-mail box, steal backups and work with them

Well ... it is not blockchain.info fault.

[kevin486]

if this was really your account maybe someone just get yours backups...

Someone don't need to bruteforce your blockchain.info password ...

You should keep your backups safe, perhaps you had some on your e-mail, so someone could hack into your e-mail box, steal backups and work with them

Well ... it is not blockchain.info fault.

Appreciate your reply, I was also thought about how to justify myself and that's the reason I didn't claim this case that time.

Given the situation that the email was hacked, which I insist is not the case through, so blockchain.info wallet will not have any further protection for their users?  I complained this case today, because today, I saw a similar case on one China BTCTrade platform,  and the platform refunded 42 BTC stolen.

[BitCoinDream]

if this was really your account maybe someone just get yours backups...

Someone don't need to bruteforce your blockchain.info password ...

You should keep your backups safe, perhaps you had some on your e-mail, so someone could hack into your e-mail box, steal backups and work with them

Well ... it is not blockchain.info fault.

Appreciate your reply, I was also thought about how to justify myself and that's the reason I didn't claim this case that time.

Given the situation that the email was hacked, which I insist is not the case through, so blockchain.info wallet will not have any further protection for their users?  I complained this case today, because today, I saw a similar case on one China BTCTrade platform,  and the platform refunded 42 BTC stolen.

It is also possible that someone accidentally created your private key. In that case, u have nothing to do...

[DeathAndTaxes]

It is also possible that someone accidentally created your private key. In that case, u have nothing to do...

It is also possible (but not probable) that he inadvertently jumped into a parallel dimension where he never owned those Bitcoins.  Jumping right to private key could be duplicated is just about as silly.

[joesmoe2012]

Why not use 2 factor?
Posted from Bitcointa.lk - #TgY6JybW25kF7A3E

[Ron~Popeil]

That stinks. I hope you get your coins back.

Everyone should always remember to use 2fa.

[zetaray]

You can try claiming them for loses, but you have to prove it was their fault, and it would be difficult. Email notification would be sent after the thief, so it would be immaterial.

[TwinWinNerD]

There is no technical way to prevent bruteforcing on blockchain.info wallets. The reason being that when accessing the wallet you download it from their server and decrypt that file locally. So basically all you do from that point happens on your computer. How could BCI do anything about that?

Lesson learned: Use 2FA and don't keep so much funds on an online wallet!

[kevin486]

Why not use 2 factor?
Posted from Bitcointa.lk - #TgY6JybW25kF7A3E

I lost these bitcoins on 26th-Sep-2013, I am not sure whether blockchain.info has 2FA that time.

[kevin486]

I got the reply from blockchain.info as below.  So they believe it's likely that my computer get infected by malware...

"
I am sorry to hear of these transactions that you did not initiate. You may have some type of malware on your computer that resulted in your funds being stolen, because your private information was somehow obtained.

By design, Blockchain.info never has access to users' accounts or bitcoins, we do not control access to your funds. That is done on your computer only. We cannot reverse transactions, return your money or track the destination of the transfer made from your bitcoin address. Bitcoin transactions cannot be reversed or tracked.

Our level of encryption, and the complex password that you used, makes it highly highly highly unlikely this account was accessed by a brute-force attack.

If you keep your password and private key backups secure, then your bitcoins are safe with blockchain.info.

It's a terrible thing to lose your bitcoins. It really is. The best thing you can do at this point is to learn from what happened and make sure you take as many security precautions as you can afford to take (like the google 2FA, and IP-locking your account as well).

Again, sorry this happened to you

-----
Kevin Houk | Blockchain & ZeroBlock Support

"

[V.Kodoff]

Its your responsibility to keep your wallet,computer safe from viruses not their.

1. blockchain should have a mechanism to stop brute password attacking.
Really? Why is that and how is going to be done? Can u write a code and also give it to all exchanges so we would feel more safe,we will love you i swear!

2. My mobile phone number and email were associated with my account, I didn't received any alert nor verification about the transaction.
Maby because you was infected and i believe there is may ways to avoid the nortifications,because that's not the first case we have seen with the same problem.

I believe exchanges must and can compensate something only if the problem coming from their system.
I am really sorry for ur loss and believe me i am not dick about it,but its funny how everyone come and blame the exchanges/wallets for their own stupidity.

[dquancey]

As above, use 2fa, it takes 30secs to set up and will protect your account and funds.

Have 26.52btc protected by just a password is a little risky, I don't think blockchain.info should be held accountable.

Presumably these have some kind of T&C's stating that too.

[Baitty]

No they shouldn't compensate. It's the users own responsibility to store Bitcoin on a web server which can easily be hacked. If you are storing a large amount of Bitcoin then keep it in a cold wallet. its your responsibility.