Bitcoinica Warning: Please do not re-use any old Bitcoin deposit addresses

[zhoutong]

Source: https://www.bitcoinica.com/posts/warning-please-do-not-re-use-and-old-bitcoin-deposit-addresses

Dear Bitcoinica Users,

PLEASE DO NOT RE-USE ANY OLD BITOIN DEPOSIT ADDRESSES

Many of you have heard that several bitcoin services were victims of a recent Linode security breach today. Unfortunately, Bitcoinica is also among the services affected.

On 2013-03-01 at 6:30 UTC, our "hot wallet" hosted at Linode and containing over 10,000 BTC was emptied.  The unauthorized access is consistent with that experienced by other bitcoin services, described by Linode as unauthorized access from Linode's "customer support interface".

PLEASE DO NOT RE-USE ANY OLD BITOIN DEPOSIT ADDRESSES

Customers should not use any bitcoin addresses previously used to fund their Bitcoinica accounts.

We must assume that the thief has retained private keys associated with old bitcoin deposit addresses. This would allow them to access any new bitcoins sent to old deposit addresses. As of now, our website will only display new deposit addresses which are not affected by this. However any old bitcoin addresses which you may have recorded for convenience should never be used ever again. This is the most important thing:

PLEASE DO NOT RE-USE ANY OLD BITOIN DEPOSIT ADDRESSES

Other important things:

- Customer funds will not be affected.

Bitcoinica is committed to absorbing any loss. The thief stole from us, not you.

- Customer data is safe.

The compromised server was entirely dedicated to holding our bitcoin "hot wallet" only. Thankfully, this function is the –only- one ever hosted at Linode. No customer data has ever been hosted at Linode. Also, there is no privileged access from the affected server. This means that no passwords, account activity, or any other customer data has been exposed by this incident.

Less important things:

This is a very unfortunate event. To support instant withdrawals for customers, our “hot wallet” balance was necessarily higher than other services. As such the impact to us is larger. However, Bitcoinica is financially sound and our customers will not be affected.

Linode has been a well-respected hosting provider. We have reached out to them to be as cooperative as possible in helping them identify the security breach that led to this incident, but have not yet received a response.

We hope we can soon report their full cooperation in recovering this loss.

Thank you to our customers for your support.

[cypherdoc]

Wow.  Bitcoins sure are popular today.

[Eveofwar]

Wow.  Bitcoins Linode sure are is popular today.

FTFY

[notme]

more and more worthless with every theft.

Nope.

[Electricbees]

I've been wondering what happened... This is very unfortunate.
As is everything I'm seeing on this forum as of recent, God dammit...

I hate thieves. That is all.

[notme]

yep.

Then why has the price not dropped at all on this news... It has instead been fairly bullish today.

[koin]

Many of you have heard that several bitcoin services were victims of a recent Linode security breach today. Unfortunately, Bitcoinica is also among the services affected.

et tu, zhou-te?

there's more coming too i bet.

[proudhon]

yep.

Then why has the price not dropped at all on this news... It has instead been fairly bullish today.

You better hope the thieves actually want bitcoin and not USD.

[notme]

yep.

Then why has the price not dropped at all on this news... It has instead been fairly bullish today.

You better hope the thieves actually want bitcoin and not USD.

Or they could want thousands of other things you can get for BTC.

[Eveofwar]

yep.

Then why has the price not dropped at all on this news... It has instead been fairly bullish today.

You better hope the thieves actually want bitcoin and not USD.

Or they could want thousands of other things you can get for BTC.

proudhon is just praying for the short

[cypherdoc]

the point is the thieves consider Bitcoin valuable.

[Hunterbunter]

People have been stealing USD since they were first created. Has that stopped people using it?

[finway]

That's why

we should support BIP16 as soon as possible...

[proudhon]

People have been stealing USD since they were first created. Has that stopped people using it?

No, but if somebody steals a bunch of USD I can still go to the store the next day and buy the same amount of stuff I could the day before with the USD I have.

[Littleshop]

People have been stealing MONEY since they were first created. Has that stopped people using it?

FTFY

[ineededausername]

hmm

Too late

[proudhon]

Z i dint get any email from you about this



Z will Linode will give you 50 000 USD ?

The Linode's user agreement says, "no".

[bitcoinBull]

damn.  hot wallet is hot.

[da2ce7]

@ zhoutong

What is the tx id of the lost coins?

[acoindr]

Z i dint get any email from you about this



Z will Linode will give you 50 000 USD ?

The Linode's user agreement says, "no".

I'm sorry but this looks like an inside job at Linode to me. There is also the theft from slush and the bitcoin faucet (and who knows who else), so a total of over 13,000 BTC or about 65K USD market value. Supposedly some outside hacker knew different high value sites would have Bitcoin wallets on Linode?