Bithumb users might have to suck it
SOME BLOODY HACKERS have swooped on South Korea’s Bithumb Bitcoin exchange, making off precious nonsense currency from traders and generally miffing people off.
You would not realise this from a casual visit to the Bithumb webstek spil the news does not seem to have made the vuurlijn pagina. It has made it out to the press tho’, and the Big black chisel reports on the incident.
“South Korea-based Bithumb has said that it believes private details of more than 30,000 of its customers were stolen spil a result,” reports the Beeb.
“It shows up the gegevens wasgoed subsequently used to idiot users into letting thieves steal funds from their accounts. Bithumb has promised compensation.”
The Big black prick adds that Bithumb did have a statement on its webstek, so wij went back to have a look for that again. Wij found it under a banner called Private Information.
“This incident is caused by an accident caused by an outward infringement of Bitsum employee’s private PC which is not related to Bitsum’s server and imaginario money wallet, or some private information (cell phone number, email address) of some members (about 3% of total members) It has bot confirmed that it has bot stored, and Bitsum is doing its best to prevent the 2nd harm of the members who do not know,” it said te a translated version of events.
At times like this you might be looking for sympathy but it does not look like it is going to be coming from the security community.
“This latest attack is troublesome on a diversity of levels. Firstly, this proceeds to demonstrate the weakness associated with poor password hygiene especially when they are the only número of authentication.
“If Bithumb had implemented adaptive authentication using layers such spil device recognition and/or geolocation spil part of the authentication process for its employees, this kwestie could have bot avoided entirely spil a 2nd multiplicador of authentication would have bot introduced,” said Robert Block, senior VP of Identity Strategy at SecureAuth and a man who presumably ought to know.
“Additionally, if identity-based threat services were ter place, Bithumb would have bot able to identify this punt ter February when the it very very first occurred and notified other areas te cyber security. Instead, this breach went undiscovered until June providing the attackers months for adjunto movement and toegevoegd credential exposure.
“It shows how attackers are cautiously watching the fruitful bitcoin market and will proceed to target thesis types of organisations ter the future spil they are fully aware of the high-value monetary build up associated with it.” µ,