UPDATE 2024 PDT Compromised Bitcoin accounts are now receiving emails purporting to be from Mt. Gox containing a .exe file claiming to be a "certificate" to be used for resetting password. The Mt. Gox site says nothing about it.
UPDATE 1921 PDT Mt. Gox seems to be taking pleasure in the little things - or how is this for considering yourselves not hacked:
It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised. This allowed for someone to pull our database. The site was not compromised with a SQL injection as many are reporting, so in effect the site was not hacked.
Bitcoins, the first virtual currency traded and valued exclusively among P2P network participants, are crashing and burning right now. The Mt. Gox exchange has been hacked.
Bitcoins plummeted from about US $20 to one cent.
It is impossible to know what actual valuation of Bitcoins will be when markets are back up and running. It's probably safe to say that there will be considerable damage to confidence in Bitcoins.
A whole nascent currency set back by one hack...
Early indications are that he market on Bitcoins appears to have been suspended. TradeHill, another online virtual currency exchange, has taken the precaution of stopping trades there, too.
The hacker was able to use someone's account to obtain access to the Mt. Gox database.
The extent of the damage is being stated in low tones in an email sent to compromised accounts by Mt. Gox:
The leaked data includes the following:
- Account number
- Account login
- Email address
- Encrypted password
While the password is encrypted, it is possible to bruteforce most passwords
with time, and it is likely bad people are working on this right now.
The concept of a P2P currency is well explained in this Omega Tau podcast.
Sorry for the short diary, I thought some of you might need to know.