Bitstamp to resume trading after theft

Bitstamp said today that it expects to resume trading within 24 hours following a breach on 4th January.

Double whammy as UK users hit by banking and ransomware
Double whammy as UK users hit by banking and ransomware

Bitstamp, the world's third largest bitcoin exchange, says it expects to resume trading within 24 hours after suspending operations this week following a security breach and theft on Sunday.

A tweet from Bitstamp CEO Nejc Kodrič, one of Bitstamp's two Slovenian founders, stated: “Our redeployment is up internally and is being filled with backup data for testing. Relaunch ETA ~24-48h.” https://www.bitstamp.net/

In a statement to SCMagazine.com, Kodrič, said that the loss: “...represents a small fraction of Bitstamp's total bitcoin reserves, the overwhelming majority of which are held in secure offline cold storage systems” and assured customers that their Bitstamp balances held prior to the temporary suspension of services will be honoured in full. He added that the breach resulted in a loss of less than 19,000 bitcoins, almost £3.6 million at today's exchange rate of £189 per bitcoin.

On learning of the breach, Bitstamp told all customers to no longer make deposits to previously issued bitcoin deposit addresses while the incident was investigated and company cooperated with law enforcement officials. Bitstamp had said it believed one of its wallets, which store the digital credentials for a customer's bitcoin holdings, had been compromised.

Reuters reports that last February, Bitstamp said its developers had come up with a solution to thwart cyber-attacks against its platform after Mt. Gox, formerly the world's biggest bitcoin exchanges, lost an estimated £430 million worth of bitcoins when its computer system was hacked. The Japan-based exchange has since been accused of mishandling customers' accounts, leading to investigations in both Japan and the US.

USA Today reported Steve Lord, founder of Modern Money Group commenting: "They [BitStamp] got hit but it looks like they will be able to survive the hit. I would never characterise this as immaterial, but I certainly don't think its the death knell you are reading about."

BitStamp reported its offline reserves to be worth 183,497 bitcoins in May, according to ZDNet, enough to cover any that might have been compromised.

Darren Anstee, director of solutions architects at Arbor Networks commented in an email to SC:“Like any digital asset bitcoin is susceptible to hackers, especially given their rise in popularity and value. And, over the past few years, we have seen a variety of methods used by criminals to either steal bitcoins or the resources required to create them, with various platforms  being targeted and utilised.

“Most regulatory bodies do not currently insure bitcoin, making it substantially more risky to hold the currency. As is the case with Bitstamp, deposits are usually held in air-gapped 'cold storage' (separated from the internet) to minimise risk. However, it is inevitable that some bitcoins will remain accessible in wallets etc, and so further precautions must be taken to protect them. After a breach such as this, it will be important for Bitstamp to be able to audit the activity on their systems and networks to find out exactly what has happened. Having tools that allow ready analysis of historic traffic patterns and activities is becoming increasingly important to organisations so that they can react quickly to prevent and minimise any damage.” 

Rob Lay, solutions architect for enterprise and cyber security, UK & Ireland for Fujitsu added in an email to SC: “Data breaches are now a regular occurrence. We have only just started 2015 and we have already seen our first one. It is clear that the cyber-criminal industry is evolving and as such, organisations need to be doing more when it comes to security. Although this hack is quickly being resolved, organisations need to change their attitudes – it is no longer about prevention, but instead about accepting a breach will occur and moving to a proactive approach which allows better preparation for dealing with today's threats.

“Recent research from Fujitsu's revealed that only a third of financial services organisations said that they were “very confident” that security could be maintained in the event of an outage.  (Consequently) businesses need to ensure they are robust in their security to stay ahead of competitors and remain trusted in the eyes of the consumer.”