Another Exchange/Online Wallet breached

[Trisky]

2 hours ago, Max Entropy said:

As a consequence, more of these events will serve to demonstrate the practical value, for enterprises and banks to develop de-centralized services.

Hear, hear

32 minutes ago, Tinyaccount said:

I'm too thick to understand Max and Coinseekers comments in the three posts above....   can anyone explain what is being said in words for dummies?

The (crypto) technology used is blockchain. It's decentralized and very well encrypted. Meaning if I want to fool/change a transaction, I need to fool 51% of the entire network before a change is made to the databases we all use when in possession of crypto currency like XRP. Hacking/modifying 51% of those databases is nearly impossible.

Having an built in exchange like coinseeker adds makes it very hard to manipulate. Most other exchanges are connecting to a blockchain in a centralized way (having one or more servers with an old fashioned security system in place). You see a lot of hacks lately, this is not the blockchain technology being hacked but everything that isn't blockchain (yet).

[mike91]

I didn't knew if this was real or not but here is their official statement

Dutch: https://www.litebit.eu/nl/statement-about-fifth-of-august

English: https://www.litebit.eu/en/statement-about-fifth-of-august

It's also on a popular Dutch tech site: https://tweakers.net/nieuws/128147/cryptocurrency-handelaar-litebit-meldt-inbraak-op-servers.html

Quote

Potential data breach on the 5th of August

Our team has noticed suspicious activities on the LiteBit servers on the 5th of August 2017. We regret to inform you that someone without authorization had access to LiteBit data. There has been no intrusion on our wallet servers, all coins owned by clients are safe. The intruder also hasn’t had access to any of the uploaded verification documents (such as your identity card or your passport).

The cause of this breach is known and has already been solved. It is not clear if the intruder has stolen user data. In the worst case scenario the intruder has had access to your email address, hashed password, IBAN, phone number, address and your overview of your portfolio data.

What does this mean for you?

If you have 2-factor authentication enabled it is very important to disable and re-enable the authenticator. If you do not have 2-factor authentication enabled we recommend you to enable it.

It is also important to change your password. We also recommend you to change your password regularly to guarantee the safety of your account.

Are the coins stored on my LiteBit wallet safe?

The coins stored on your LiteBit wallets have not been in danger during this intrusion.

What exactly has been stolen?

It is yet unclear whether or not data has been stolen. There has been unauthorized access to your data. Potential stolen data includes your email address, hashed password, IBAN, phone number, address and LiteBit wallet balances. The intruder had no access to the coins on your LiteBit wallet or your uploaded verification documents such as your passport or identity card.

What can the intruder do with my hashed password?

We store the hashed passwords with a unique extra code which differs from every user. This unique code has been merged with your password. This means that it’s impossible to retrieve your original password.

Do I have to do something to ensure the safety of my LiteBit account?

We recommend our customers to change the password of their LiteBit account regularly. And we especially recommend you to change the password now to ensure the safety of your account. We also recommend you to enable two factor authentication. If you already have two factor authentication enabled we recommend to disable and re-enable it.

Last but not least we recommend our customers to watch out for phishing emails, you can find more information about these emails on our phishing information page.

How do I enable two factor authentication?

To enable two factor authentication you will have to download the Google Authenticator app. You can download this app in the app store or the play store. After this you can follow the steps on “My Account -> settings-> security”

What does LiteBit do to prevent a data breach like this in the future?

We have hired specialists to independently run security audits on our system and website. After which we will obviously implement any recommendations they might have.

May I remove the coins from my LiteBit wallet?

Yes, you may remove your coins from your LiteBit wallet to save them somewhere else. If you would like to know how to store your coins offline safely you can read our guide on. setting up a cold wallet.

Did you report this to the Dutch Data Protection Authority?

Yes, LiteBit has reported this incident to the Dutch Data Protection Authority on the 7th of August 2017.

When do you expect to have more information about this incident?

We are still researching the matter, but LiteBit will notify you as soon as we have more information.

Please do not hesitate to contact us if you still have any questions!

 

Edited August 9, 2017 by edwin90

[Guest]

5 hours ago, edwin90 said:

Potential stolen data includes your email address, hashed password, IBAN, phone number, address and LiteBit wallet balances. The intruder had no access to the coins on your LiteBit wallet or your uploaded verification documents such as your passport or identity card.

 

5 hours ago, edwin90 said:

If you have 2-factor authentication enabled it is very important to disable and re-enable the authenticator. If you do not have 2-factor authentication enabled we recommend you to enable it.

Im unclear on why they are recommending stopping and reapplying 2FA.  That sounds to a dummy like me to be less secure?