Hacking incidents are not unheard of, especially in the Bitcoin sector. The frequency of reports on Bitcoin exchanges being compromised is on an increase. However, the extent of damage is not always clear, except in cases where the targetted platform decides to divulge the details in the name of transparency.
Sometimes it takes years before the user gets to know the full story. LeakedSource, a website that keeps track of stolen user information has published information about the security breaches experienced by BTC-E and BitcoinTalk in 2014 and 2015 respectively.
PREVIOUS POST: ‘The Bitcoin Forum’ Bitcointalk.org goes down for the second time in a week
The recent update on LeakedSource states that the hackers who attacked BTC-E in October 2014 stole data belonging to 568,355 users. The data stolen by hackers included usernames, registered email addresses, passwords, IP addresses of BTC-E customers, registration dates, language preferences and other information regarding the total Bitcoin balance held by each user account.
Similarly, the May 2015 attack on BitcoinTalk seems to have compromised personal information belonging to 499,593 users. The stolen BitcoinTalk data includes usernames, email addresses, passwords, birthdates, secret questions, hashed secret answers and other pieces of data belonging to the platform. However, the account information gained by the hackers may not have come of much use to them due to additional protection features incorporated into these platforms.
PREVIOUS POST: BTC-e Reports DDOS Attack Against Their Server
An analysis conducted by LeakedSource shows that BTC-E had employed an unknown password hashing mechanism, making it almost impossible to crack. However, LeakedSource believes that someone may have found a way to crack the passwords as many users have reported losses since the hacking incident. On the other hand, most of the BitcoinTalk passwords are said to use sha256crypt encryption, making it hard to crack. An exception of about 9 percent of stolen BitcoinTalk passwords seems to use MD5 hashing, which is much easier to crack.
This is not the first time LeakedSource has published hacked data. the platform claims to have over 2.1 billion account details in its database, all obtained from the public domain and data dumps.
PREVIOUS POST: Bitcointalk Hacked, Some User Passwords Captured
The extent of LeakedSource’s database reinforces the importance of using strong passwords for user accounts on the internet. It is also advisable to regularly change the login details of online Bitcoin wallets and exchange accounts to ensure the safety of Bitcoin deposits. One can use automatic random password generators to create strong passwords. However, the best place to store one’s Bitcoin is either in a Bitcoin Core wallet or paper wallets (stashed away in a safe place).
Search for your information on LeakedSource database here.
Ref: LeakedSource | Image: Engadget