While I feel bad for the people with stolen coins, but come-on ...really?
Same password on multiple sites. *one*
Bells should have been going off as soon as it was rumoured user/pass was leaked. *two*
Confirmed list was leaked and still not changing user/pass for days. *sorry, that's too much*
If the thief took place this morning there was plenty of time to fix this.
1. Yes, it was stupid. I have several different passwords, the password I used for mybitcoin and mtgox was my "junk" password, while I was dabbling with mtgox. Anything financial or important has it's own unique password, but as I do not use a password manager I won't create a unique PW for a site that I will rarely, if ever use again. I never thought to change it after bitcoin became valuable to me.
2. My bitcoins left my account less than 24 hours after this notice went out. I went to bed on Sunday without receiving the email that something was wrong with mtgox during that day, I woke up Monday, went to work in a rush without checking my email, came home and saw the email, checked mybitcoin, and my coins were gone.
3. See above.
I don't live on the forums, nor do I regularly look at news sites, nor do I have a smartphone with mobile broadband to check email with. I do not have a TV so I would not have seen it on news. The only hint I had was that email, and by the time I actually got it, the account was already long compromised. Not everyone who is an advocate of bitcoin actually keeps up with the news on it. It really is boring to me because it will take a long time for bitcoin to become anything more than it's current effective status of "encrypted/untraceable USD funds", so I only check up on this stuff once every couple weeks.
Is it my fault? Ofcourse, in multiple ways it is. The password thing is one obvious one. The other is relying on a service to maintain it's security in exchange of my FEE PAYMENTS for them to uphold their service. The fee mtgox charges on exchanges is obviously to pay the person operating the exchange, in a way they are responsible to maintain their service's security. Since they didn't uphold proper service, scammers have made way with
several hundred thousand dollars from the common users, regardless of the method achieved. It's like saying Sony isn't to blame for several people's credit cards being compromised and charged through the roof, and instead is the user's problem for not cancelling their credit card the very instant the news broke ice. Sony didn't uphold proper service, and caused the problem to happen regardless. Lots of people simply didn't even get the news of Sony being compromised, or thought it didn't effect them because they haven't used sony's services for many years, or forgot the one time they lent the nephew the credit card to buy some DLC or some crap when he was staying the night.