Well, I'm an asshole...
Someone did in fact gain unauthorized access to my AOL email account and that is how they gained access to my CEX account.
This was entirely my own fault and I would like to apologize to CEX for blaming them.
Still though, Support going a week and a half without contact for a compromised account which has been marked as "High" priority is still bad practice.
But as far as my accusations that CEX may have cleaned out my account, I was wrong and I am very sorry.
So to the person who gained access to my AOL email account from their mobile phone (Wind Telecomunicazioni S.P.A.) in Italy using IP 151.47.168.64 and who owns the Litecoin address LRrCYJxuZUf6k2nurkEezeppd6rhLpSrht you can go f*** yourself and you have been reported. Shouldn't be too hard to track you seeing as how you used a mobile phone, dumbass...
MODS: Please feel free to close/delete this thread as this situation is essentially resolved. Thanks!
Topic: [CEX.io] Account Compromised, No Help From Support [CEX.io] (Read 1389 times)
I have been using CEX.io for quite a few months now. On January 28th someone gained access to my account, changed my profile info (name, location, account email, etc...) sold off all of my assets for LTC and withdrew the coins to their own wallet: LRrCYJxuZUf6k2nurkEezeppd6rhLpSrht (tx #ba01f45db9bab354e654d19495be617b938b7556b4c8efe8625ebfb7c3d757ad)
This attacker changed all of my account info including my account email and I never ONCE received ANY email to confirm that I had made the change.
Upon logging in the next day and realizing that my account had been compromised I went to the support page where I found an open ticket (that had been opened by CEX.io support) asking me if I had made the changes to my account (Which I had not). So they allowed the attacker to clear out my account without first verifying that I had made the changes.
After opening a ticket to inform them that my account had been compromised they advised me to change all of my account information including password and account email which I would be more than happy to do but I can not change them because every time I make a change the confirmation link is sent to the attacker's email!
I have informed CEX.io that I am unable to take any further action until they rectify this problem and have even offered to confirm my identity as the true owner by signing a message using the very first BTC address I ever made a deposit with.
I have not heard from them in a week and a half since then despite multiple contacts from my end trying to find out what is happening and have even informed them that I was going to come here and reveal all of this information to the forums (still no answer).
I would like to know WHY my requests are being ignored (I'm losing money while my account is in limbo as I am not purchasing any more GH/s until this is resolved and the attacker no longer has control of my account) and I would like to warn others to beware of a customer service department which apparently could care less when their customers are ripped off and their accounts are hijacked.
2FA was not enabled, which admittedly is my own fault, but regardless they should not have allowed the change of account info or the withdrawal of funds until after the confirmation for the change(s) to my account info had been made and it also does not excuse a week and half with no response from CEX.io support....
Screenshots/proof:
Also, here are screenshots of the ticket that CEX support opened to ask if I had made the changes to my account info (which I had not):
This attacker changed all of my account info including my account email and I never ONCE received ANY email to confirm that I had made the change.
Upon logging in the next day and realizing that my account had been compromised I went to the support page where I found an open ticket (that had been opened by CEX.io support) asking me if I had made the changes to my account (Which I had not). So they allowed the attacker to clear out my account without first verifying that I had made the changes.
After opening a ticket to inform them that my account had been compromised they advised me to change all of my account information including password and account email which I would be more than happy to do but I can not change them because every time I make a change the confirmation link is sent to the attacker's email!
I have informed CEX.io that I am unable to take any further action until they rectify this problem and have even offered to confirm my identity as the true owner by signing a message using the very first BTC address I ever made a deposit with.
I have not heard from them in a week and a half since then despite multiple contacts from my end trying to find out what is happening and have even informed them that I was going to come here and reveal all of this information to the forums (still no answer).
I would like to know WHY my requests are being ignored (I'm losing money while my account is in limbo as I am not purchasing any more GH/s until this is resolved and the attacker no longer has control of my account) and I would like to warn others to beware of a customer service department which apparently could care less when their customers are ripped off and their accounts are hijacked.
2FA was not enabled, which admittedly is my own fault, but regardless they should not have allowed the change of account info or the withdrawal of funds until after the confirmation for the change(s) to my account info had been made and it also does not excuse a week and half with no response from CEX.io support....
Screenshots/proof:
Also, here are screenshots of the ticket that CEX support opened to ask if I had made the changes to my account info (which I had not):
Jump to: