The attack, which took place on Sunday, targeted the UK-based exchange’s operational wallets (also known as “hot wallets”) which are connected to the internet. Containing a limited number of bitcoins, the operational wallets allow customers to make instant exchanges of the virtual currency.
Fortunately for Bitstamp customers, the bulk of the exchange’s bitcoin reserves are kept offline and were untouched, tweeted chief executive Nejc Kodrič:
The bulk of our bitcoin are in cold storage, and remain completely safe.
Bitstamp says it notified its customers as soon as the breach was confirmed, advising them not to make any further deposits to already issued bitcoin deposit addresses.
The exchange also called in law enforcement with whom it continues to work closely as it attempts to bring the service back online. According to Kodrič, that may happen within the next day or two following a period of backup restoration and testing.
Meanwhile, the company’s homepage displays a statement offering advice to its customers and assuring them that it will cover the value of the stolen bitcoins, saying that the virtual currency theft “represents a small fraction of Bitstamp’s total bitcoin reserves”.
The exchange added that it “would like to reassure all Bitstamp customers that their balances held prior to our temporary suspension of services will not be affected and will be honored in full.”
Other bitcoin exchanges that have been targeted in the past have not fared too well afterwards.
Last year, for instance, the largest of them all at the time – Mt. Gox – went belly up after 650,000 bitcoins disappeared into thin air, allegedly as a result of insider fraud.
In September 2012, Bitfloor – the then fourth largest exchange – closed its doors after $250,000 went missing after a security lapse and, in November 2013, new exchanges in Australia, China and Denmark disappeared just as quickly as the bitcoins deposited with them.
For the sake of Bitstamp users I hope that this exchange recovers from the attack.