BREAKING: Atlanta based Bitcoin giant BitPay hacked for nearly $2,000,000! - page 7.

Guido

legendary

Activity: 1061

Merit: 1001

Quote from: RawDog on September 17, 2015, 12:18:17 PM

Quote from: kokojie on September 17, 2015, 10:19:58 AM

I don't really blame the CEO on this, since how the fuck would he know his CFO is a fucking retard without common sense.

It is absolutely the highest most important task for a CEO to know whether his CFO is a fucking retard without common sense - that's how. If the CEO does just one thing in his entire career and nothing else at all, he has to know whether the CFO is an idiot. TOTAL FAIL

agreed

CFO is a complete tard

just goes to show, particularly in crypto, anyone can give themselves any title they want

'chief science officer' 'president' lol etc.

jubalix

legendary

Activity: 2618

Merit: 1022

so there is 2 mill $ less of BTC than previously thought around.....looks like less supply available.

coinpr0n

hero member

Activity: 910

Merit: 1000

https://blog.bitpay.com/last-years-theft/

Quote

On September 15, 2015, BitPay filed suit against its insurer, Massachusetts Bay Insurance Company (“MBIC”) to recover amounts owed under a commercial crime policy issued by MBIC to BitPay as well as penalties for MBIC’s bad faith denial of the amounts owed to BitPay under the policy.

BitPay cannot discuss the pending litigation other than to say the amounts owed relate to a theft incident which occurred in December of 2014, nearly one year ago. This was an isolated incident, and none of BitPay’s customers, affiliates or merchants lost any funds. The only victim of the theft was BitPay. All merchant funds were secure, and there were no disruptions to BitPay’s payment services at any time. Additionally, advances in bitcoin cybersecurity over the last year allow BitPay to further protect funds and better serve merchants and bitcoin users.

Stephen Pair,
CEO, BitPay

RawDog

legendary

Activity: 1596

Merit: 1026

Quote from: kokojie on September 17, 2015, 10:19:58 AM

I don't really blame the CEO on this, since how the fuck would he know his CFO is a fucking retard without common sense.

It is absolutely the highest most important task for a CEO to know whether his CFO is a fucking retard without common sense - that's how. If the CEO does just one thing in his entire career and nothing else at all, he has to know whether the CFO is an idiot. TOTAL FAIL

MF Doom

hero member

Activity: 560

Merit: 500

Quote from: ajareselde on September 17, 2015, 11:15:22 AM

This is clearly mostly bitpay fault due to incompetence. I am not surprised the insurer is refusing to pay, i am confident they wont have to after the trial either.
It's funny how such high amounts of funds go stolen due to such a stupid mistake.

I agree, a LOT of incompetence in these btc companies. Seems to be the case with amagi metals, which the ceo went around saying they'll be fully btc, not fiat in the next couple years, well they couldnt even make it 6 months and now they are closed.

But, if they DO make it trhough this, I for one will not be using their site. this to me is a HUGE warning sign, and a red flag that says "pull your funds out of here now!"

gharding

newbie

Activity: 1

Merit: 0

Quote from: gogxmagog on September 17, 2015, 02:30:31 AM

Where else can you rip off a couple million with three emails?s

Are you kidding? 2 million is nothing when you compare it with the fraudulent emails initiating many millions more in wire transfers.

Just a couple from a very quick google search:

http://fortune.com/2015/08/10/ubiquiti-networks-email-scam-40-million/

August 10, 2015
Fraudsters duped this company into handing over $40 million.
A swindler fakes emails from senior managers at the target company and requests (fraudulent) wire transfers.

http://www.securityweek.com/email-scam-nets-214-million-14-months-fbi

January 22, 2015
Email Scam Nets $214 Million in 14 Months: FBI

RGBKey

hero member

Activity: 854

Merit: 658

rgbkey.github.io/pgp.txt

This is crazy and not good news, BitPay is what enabled a lot of companies to accept bitcoin and we can't lose them.

ajareselde

legendary

Activity: 1722

Merit: 1000

Satoshi is rolling in his grave. #bitcoin

This is clearly mostly bitpay fault due to incompetence. I am not surprised the insurer is refusing to pay, i am confident they wont have to after the trial either.
It's funny how such high amounts of funds go stolen due to such a stupid mistake.

kokojie

legendary

Activity: 1806

Merit: 1003

What kind of fucking retard CFO inputs his email credentials on a 3rd party website, this should be common sense if he only started used Internet for a month. No fucking legit website is going to ask you to input your fucking email credentials.

I don't really blame the CEO on this, since how the fuck would he know his CFO is a fucking retard without common sense.

johnyj

legendary

Activity: 1988

Merit: 1012

Beyond Imagination

Quote from: Kakmakr on September 17, 2015, 01:41:03 AM

So these people have no telephones to confirm these types of transactions? Everyone know email is the easiest platform to hack. How can they simply trust a email to transfer $2 000 0000 worth of Bitcoin? I hope a full investigation will be launched and some people will get fired for this.

Not necessarily

If Bitpay is selling 1k to 2k bitcoins to SecondMarket frequently on a weekly basis, the most convenient and traceable way is to use email contact. However Bitpay does not require SecondMarket to pay before the transaction, this gave the hacker a chance to attack

In traditional finance system, this attack does not work, since the receiving account must follow the AML KYC measure and the transaction will be reversed by banks following a dispute and court decision. But bitcoin is different, so it is important to double check before sending out bitcoin transactions

This incident also give us a glance of the size of the transaction that is happening in Bitpay: Anything below 2000 is considered as normal

unamis76

legendary

Activity: 1512

Merit: 1009

Quote from: Mitchell on September 17, 2015, 09:03:57 AM

How can be someone this stupid? No GPG confirmation? No phone confirmation? Nothing? Jesus.

Makes it look like it's frequent to move all these funds just like someone changes shirt without requiring any of the security measures you mentioned... I guess we all expected more from BitPay Roll Eyes

Q7

sr. member

Activity: 448

Merit: 250

Another thing that crossed my mind was I wonder what would happen to those people who hold an account or invested there. Would they be able to withdrawal their coins now that the company is having issue. Hope not another mt gox saga.

leipebarry

member

Activity: 84

Merit: 10

That is good news for Bitcoin Grin

More media attention Cool

To the haters Kiss

Betwrong

legendary

Activity: 3234

Merit: 2112

I stand with Ukraine.

Quote from: Kakmakr on September 17, 2015, 01:41:03 AM

So these people have no telephones to confirm these types of transactions? Everyone know email is the easiest platform to hack. How can they simply trust a email to transfer $2 000 0000 worth of Bitcoin?

Exactly! Actually I think they are involved. I mean some ppl from Bitpay Inc. are accomplices to the "Unknown".

johnyj

legendary

Activity: 1988

Merit: 1012

Beyond Imagination

"Immediately after clicking on the Google doc link, Mr Krohn enters his authenticating information as prompted in order to access the purported Google docs and receives an error message," the letter states. "[Krohn] believes his private information was stolen at that time and that his response provided access to his email to the fraudster."

I guess he was using gmail account to access google docs? A gmail account as corporate account???

Do not open any google doc Grin

uxgpf

newbie

Activity: 42

Merit: 0

Yes, that is a social engineering attack, not a hack.

E-mail is not secure, everyone knows it. You should always verify important matters over some more secure medium, preferably multiple ones. Even a phone call would have been enough to prevent this.

adamstgBit

legendary

Activity: 1904

Merit: 1037

Trusted Bitcoiner

Quote from: Come-from-Beyond on September 17, 2015, 09:39:51 AM

Quote from: adamstgBit on September 17, 2015, 09:24:08 AM

well there goes this year's profit margin

How much did they earn? Order of magnitude is enough.

a guess would be ~0.8% of their volume.

i think its about 1million a day?

so ~2.848million a year

there costs must be in the 0.5 million to 1 million a year

massively guessing here.

Q7

sr. member

Activity: 448

Merit: 250

Although I'm not a law expert but looking at how they handle the bitcoin transfer using only email and without having any proper verification and approval process, most likely they will lose the case. Insurance don't cover for careless mistakes and loopholes

Come-from-Beyond

legendary

Activity: 2142

Merit: 1009

Newbie

Quote from: adamstgBit on September 17, 2015, 09:24:08 AM

well there goes this year's profit margin

How much did they earn? Order of magnitude is enough.

adamstgBit

legendary

Activity: 1904

Merit: 1037

Trusted Bitcoiner

they should get these kinds of request signed with a private key stored on an air gapped PC.
it will add a few mins to the process, but it would prevent this hack

Topic: BREAKING: Atlanta based Bitcoin giant BitPay hacked for nearly $2,000,000! - page 7. (Read 11101 times)