Security breach halts trading at major Bitcoin exchange Bitstamp

It’s been a rough few weeks for Bitcoin. After hitting an all-time high of over $1,000 USD in November 2013, the price of the digital currency plummeted to $300 in early 2014, and it doesn’t appear to be reversing direction any time soon. Making matters worse, this slide occurred in the absence of any new high-profile security breach reported by major cryptocurrency firms. Now, as the slide continues, a new breach has been announced.

On Monday morning, Bitstamp, the world’s second-largest Bitcoin exchange, temporarily suspended its service and urged its customers not to deposit any money into wallets operated by the company.

A statement on Bitstamp’s website reads:

We have reason to believe that one of Bitstamp’s operational wallets was compromised on January 4th, 2015.

As a security precaution against compromises Bitstamp only maintains a small fraction of customer bitcoins in online systems. Bitstamp maintains more than enough offline reserves to cover the compromised bitcoins.

IN THE MEANTIME, PLEASE DO NOT MAKE DEPOSITS TO PREVIOUSLY ISSUED BITCOIN DEPOSIT ADDRESSES. THEY CANNOT BE HONORED!

Customer deposits made prior to January 5th, 2015 9:00 UTC are fully covered by Bitstamp’s reserves. Deposits made to newly issued addresses provided after January 5th, 2015 9:00 UTC can be honored.

Bitstamp takes our security and soundness very seriously. In an excess of caution, we are suspending service as we continue to investigate. We will return to service and amend our security measures as appropriate.

As cryptocurrency news website CoinDesk notes, the issue first came to light when at least one Bitstamp user attempted to make a pair of deposits into the service—which allows people to trade Bitcoins for dollars or Euros—but didn’t see the coins appear in his or her Bitstamp account.

In a post on Reddit‘s Bitcoin enthusiast community, the user recounted asking a Bitstamp customer service rep about the issue and being told, “Today our transaction processing server detected problems with our hot wallet and stopped processing withdrawals.”

There are two types of wallets capable of holding Bitcoins—hot and cold. Hot wallets are located on computers connected to the Internet, while cold wallets store coins on computers disconnected from the Internet. Cold wallets are infinitely more secure than hot ones, because hackers have no way to get at them outside of absconding with the physical devices on which the coins are stored. Services like Bitcoin exchanges typically conduct transactions using hot wallets and then quickly transfer those coins into cold storage for safekeeping.

Bitstamp CEO Nejc Kodri? apologized on Twitter for the fear, uncertainty, and doubt that his service’s suspension has caused:

The value of a Bitcoin has dropped $12 USD over the past 24 hours.

Illustration by Jason Reed 

Aaron Sankin

Aaron Sankin

Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.