Pages:
Author

Topic: Public STATEMENT Regarding Bitcoinica account hack at MtGox - page 12. (Read 72899 times)

legendary
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
The only entity which can provide such information with authority is Liberty Reserve itself.
AurumExchange, MtGox and Bitinstant, please, try to contact Liberty Reserve, in an official manner. If they don't respond, try to reach them via lawyers or something. I know it's possible that they'll just ignore the requests, but you'll never be sure if you don't try.

Unfortunately LR will not reply unless legal action is started, which is what we are also waiting for.

AurumXchange however can (and is actually required to) block funds suspected to be in relation of known criminal activity.

True, if nobody reports anything, there won't be any crime, hacker walks away and everything's fine. Thing is we believe there is a high chance that this time legal action will be started, and within that context funds were blocked.

It is not up to any of us to judge if funds should be unlocked, we should have an actual court with an actual judge do an actual investigation first.

If nothing else, these transactions fall very squarely within the requirements for lodging AML suspicious activity reports so there's a chance that they'll be looked at more closely by financial intelligence units even if there are no police reports made.

absolutely! freeze all accounts of the involved parties until the community have clear answers!

it's just comming in my mind: is there a possibility to freeze bitcoin addresses also in the future by improving the protocol if the community decided to outlaw a bitcoin address because a hacker used it??

Yay! USD v2.0 here we come!

the current situation tells me a need of this! Wink
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
What aurum,mtgox and bitinstant did here is exactly the nature of bitcoin where a community should be able to work through arguments and evidence together

No. What they did is unprofessional, completely irresponsible (they didn't even contact the person they are claiming did something wrong--- so what is the point of the thread?), and possibly illegal.
vip
Activity: 302
Merit: 253
Mark, please post MtGox's customer privacy agreement here in this thread.

AurumXChange and BitInstant should as well.
This.

If information has to be released, release it to the police.

I'm quite unclear as to why the involved parties are disclosing this kind of information on a public internet forum.
At worst it might even harm an official investigation.

I'm curious about AurumExchange's and MT's actual motivations for posting all this.


Part of the problem is that Bitcoinica's operators are AWOL.  They haven't filed a police report, which hasn't opened up the process which would allow his kind of stuff to be formally requested and provided.  Now it's either up to the investors or the users to sue for a resolution.  We all have a claim against Bitcoinica but as of this moment, the only entity with a claim against the hacker is Bitcoinica.  No criminal law enforcement agency in the world is going to pick this case up given the mess it is and, sorry to say, relatively small amount of money that is involved.  We may be able to get local cops on it after a court has sorted out who is responsible for what but that's a ways off.

Why anybody still has their money at Intersango is beyond me.
donator
Activity: 1120
Merit: 1001
I'm going to send the Liu Haipeng's ICBC account mentioned by Zhoutong 0.01 RMB, to identify the province location of the bank account.

Just wait.


---

edit

The bank account was opened in 黑龙江省牡丹江(Mudanjiang, Heilongjiang Province. )
The Chinese name of this bank account is 刘海鹏

hopefully that this will be helpful. However, it can be a bank account bought from the black market.
hero member
Activity: 504
Merit: 502
What I find amusing is that everyone wanted to get to the bottom of all of this and now that more evidence is being presented a certain number of users want to throw rocks at those releasing the information to the public.

Can you people make up your mind, either you want this resolved or not. What aurum,mtgox and bitinstant did here is exactly the nature of bitcoin where a community should be able to work through arguments and evidence together and if there is a need to approach the government after no public progress then so be it.

This forum turned into a speculation forum so that even when solid arguments/evidence get presented then a few select members would start mudslinging at those presenting the evidence.
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
Interestingly enough, Bitinstant doesn't even seem to have a privacy policy available on their site.
vip
Activity: 608
Merit: 501
-
Mark, please post MtGox's customer privacy agreement here in this thread.

AurumXChange and BitInstant should as well.
This.

If information has to be released, release it to the police.

I'm quite unclear as to why the involved parties are disclosing this kind of information on a public internet forum.
At worst it might even harm an official investigation.

I'm curious about AurumExchange's and MT's actual motivations for posting all this.

AurumXchange is blocking funds allegedly belonging to Zhou Tong without any disclosed (until now) reason. Legal advice on AurumXchange's side was to issue a statement as soon as possible to clarify the situation as it was being made public on this very forum.

In absence of any legal action from the victims of this hack, we have no course of action to contact the police, but will be held responsible if funds are released then legal processing is started at a later point.
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
General

MtGox K.K. and its affiliates (hereinafter, "Mt. Gox", "we", "us" or "our") are committed to protecting and respecting your privacy.

This Privacy Policy (together with our Terms and Conditions of Use) governs our collection, processing and use of your Personal Information. We define "Personal Information" as information which identifies you personally, e.g. your name, address, e-mail address, trades etc.

The purpose of this Privacy Policy is to inform you of:
the kinds of Personal Information which we may collect about you and how it may be used;
our use of information regarding IP Addresses and our use of cookies;
any disclosure of Personal Information to third parties;
the transfer of Personal Information outside of Japan;
your ability to correct, update and delete your Personal Information; and
the security measures we have in place to prevent the loss, misuse, or alteration of Personal Information under our control.

Gathering and Use of Personal Information

We may collect your Personal Information if you use the Site, open an Account to use the Platform or perform any Transactions on the Platform. The types of Personal Information which we collect may include:
your name;
your photographic identification;
your address;
your phone number;
your e-mail address;
your banking details including account numbers;
your date of birth; and
your trades.

We may use your Personal Information for the following purposes:
to allow you to open and operate an Account on the Platform;
to enable you to complete Transactions on the Platform;
if you contact us, to reply to your queries;
to analyse use of our Site;
as required for regulatory purposes;
to provide you with information about products and promotions that may be of interest to you, from ourselves and third parties, although only if you have specifically agreed to receive such information;
for market research e.g. surveying our Members' needs and opinions on issues, such as our performance etc.

We will process your Personal Information only for the purpose(s) for which it has been provided to us.

IP Addresses

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and does not identify any individual.

Cookies

We use a browser feature known as a "cookie", which assigns a unique identification to your computer. Cookies are typically stored on your computer's hard drive. Information collected from cookies is used by us to evaluate the effectiveness of our Site, analyse trends, and administer the Platform. The information collected from cookies allows us to determine such things as which parts of our Site are most visited and difficulties our visitors may experience in accessing our Site. With this knowledge, we can improve the quality of your experience on the Platform by recognising and delivering more of the most desired features and information, as well as by resolving access difficulties. We also use cookies and/or a technology known as web bugs or clear gifs, which are typically stored in emails to help us confirm your receipt of, and response to, our emails and to provide you with a more personalised experience when using our Site.

We use third party service provider(s), to assist us in better understanding the use of our Site. Our service provider(s) will place cookies on the hard drive of your computer and will receive information that we select that will educate us on such things as how visitors navigate around our site, what products are browsed, and general Transaction information. Our service provider(s) analyses this information and provides us with aggregate reports. The information and analysis provided by our service provider(s) will be used to assist us in better understanding our visitors' interests in our Site and how to better serve those interests. The information collected by our service provider(s) may be linked to and combined with information that we collect about you while you are using the Platform. Our service provider(s) is/are contractually restricted from using information they receive from our Site other than to assist us.

By using our Site you are agreeing that we may use cookies for the purposes set out above.

Disclosure of Personal Information

We use the Personal Information for the purposes indicated at the time you provide us with such information, and/or otherwise for the purposes set out in this Privacy Policy and/or as otherwise permitted by law. We may make available the Personal Information that you provide to us to our affiliates, agents, representatives, trusted service providers and contractors for these limited purposes. We may also share Members’ Personal Information with financial institutions, insurance companies or other companies in the case of a merger, divestiture, or other corporate re-organisation. We may also share Members' Personal Information with law enforcement or regulatory agencies, as may be required by law. Any third party which receives or has access to Personal Information shall be required by us to protect such Personal Information and to use it only to carry out the services they are performing for you or for Mt. Gox, unless otherwise required or permitted by law. We will ensure that any such third party is aware of our obligations under this Privacy Policy and we will enter into contracts with such third parties by which they are bound by terms no less protective of any Personal Information disclosed to them than the obligations we undertake to you under this Privacy Policy or which are imposed on us under applicable data protection laws.

Transfer of Personal Information Outside of Japan

Mt Gox will transfer Members' Personal Information to Mt. Gox K.K. as well as the third party service providers entrusted by Mt. Gox with the hosting of the Platform and other technical operations relating to the operation of the Platform. These parties may be located anywhere in the world. By accepting this Privacy Policy, you consent to such transfer of your Personal Information out of Japan. Unfortunately, the transmission of information via the internet is not completely secure and whilst we will do our best to protect your Personal Information, we cannot guarantee the security of your data transmitted to our site when it is outside of our control. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Correction/Updating/Deletion of Personal Information

You have the right to access your Personal Information and to require the correction, updating and blocking of inaccurate and/or incorrect data by sending an email to us at: [email protected].

You may also request the deletion or destruction of both the Account and Personal Information by sending an email to us at: [email protected]. Mt. Gox will action your request only where this is not inconsistent with its legal and regulatory obligations.

Upon your written request, we will inform you of the Personal Information relating to you that we hold and the use and general disclosure of your Personal Information. We will also give you a copy of the Personal Information we have retained. There may be a minimal charge for accessing your Personal Information.

Security

We have implemented security measures to ensure the confidentiality of your Personal Information and to protect your Personal Information from loss, misuse, alteration or destruction. Only authorised personnel of Mt. Gox have access to your Personal Information, and these personnel are required to treat the information as confidential. The security measures in place will, from time to time, be reviewed in line with legal and technical developments.

Retention of Personal Information

We will hold your Personal Information only for as long as it is necessary for us to do so, having regard to the purposes described in this Privacy Policy and our own legal and regulatory requirements. In accordance with our record keeping obligations we will retain Accounts and Personal Information for, at least a period of five years after they are closed by Members.

Links

There may be links from our Site to other sites and resources provided by third parties. This Privacy Policy applies only to our Site. Accessing those third party sites or sources requires you to leave our Site. We do not control those third party sites or any of the content contained therein and you agree that we are in no way responsible or liable for any of those third party sites, including, without limitation, their content, policies, failures, promotions, products, services or actions and/or any damages, losses, failures or problems caused by, related to or arising from those sites. We encourage you to review all policies, rules, terms and regulations, including the privacy policies, of each site that you visit.

Marketing

You have the right to ask us not to process your Personal Information for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your Personal Information. You can exercise the right at any time by contacting us at [email protected].

Changes

Our Site policies, content, information, promotions, disclosures, disclaimers and features may be revised, modified, updated, and/or supplemented at any time and without prior notice at the sole and absolute discretion of Mt. Gox. If we change this Privacy Policy, will take steps to notify all users by a notice on our Site and will post the amended Privacy Policy on the Site.

Contact Us

If you have any questions, comments, or concerns regarding our Privacy Policy and/or practices as it or they relate to the Platform, please contact us at the following e-mail address, address and telephone number:

E-Mail [email protected]


Address

Mt.Gox K.K.

Cerulean Tower 15F

Sakuragaoka-cho 26-1

Shibuya-ku

Tokyo
Japan
〒150-8512
FAO: Mark Karpeles

Telephone Number +81 3 4520 6200

Last updated: [February 2012]





Sorry Mark, I am failing to see "Public forum witch hunts" anywhere there in the Privacy Policy.
vip
Activity: 608
Merit: 501
-
Mark, please post MtGox's customer privacy agreement here in this thread.

AurumXChange and BitInstant should as well.

Funny how one can go from talks of disclosure to non disclosure on occasions.

The points you are highlighting are hardly private (most if not all of is already publicly known), and I fail to see how this qualifies as "libel".
legendary
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
The only entity which can provide such information with authority is Liberty Reserve itself.
AurumExchange, MtGox and Bitinstant, please, try to contact Liberty Reserve, in an official manner. If they don't respond, try to reach them via lawyers or something. I know it's possible that they'll just ignore the requests, but you'll never be sure if you don't try.

Unfortunately LR will not reply unless legal action is started, which is what we are also waiting for.

AurumXchange however can (and is actually required to) block funds suspected to be in relation of known criminal activity.

True, if nobody reports anything, there won't be any crime, hacker walks away and everything's fine. Thing is we believe there is a high chance that this time legal action will be started, and within that context funds were blocked.

It is not up to any of us to judge if funds should be unlocked, we should have an actual court with an actual judge do an actual investigation first.

If nothing else, these transactions fall very squarely within the requirements for lodging AML suspicious activity reports so there's a chance that they'll be looked at more closely by financial intelligence units even if there are no police reports made.

absolutely! freeze all accounts of the involved parties until the community have clear answers!

it's just comming in my mind: is there a possibility to freeze bitcoin addresses also in the future by improving the protocol if the community decided to outlaw a bitcoin address because a hacker used it??
legendary
Activity: 1372
Merit: 1008
1davout
Mark, please post MtGox's customer privacy agreement here in this thread.

AurumXChange and BitInstant should as well.
This.

If information has to be released, release it to the police.

I'm quite unclear as to why the involved parties are disclosing this kind of information on a public internet forum.
At worst it might even harm an official investigation.

I'm curious about AurumExchange's and MT's actual motivations for posting all this.
hero member
Activity: 868
Merit: 1000


This thread started at 4:00PM Victoria Time. I'm curious as to what time those classes started. And I thought you were still in Singapore.

~Bruno~


It wouldn't tell you much.  He could have whole days where he has no lectures or tutorials and others where they're spread throughout the day and don't finish until 9pm.
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
The only entity which can provide such information with authority is Liberty Reserve itself.
AurumExchange, MtGox and Bitinstant, please, try to contact Liberty Reserve, in an official manner. If they don't respond, try to reach them via lawyers or something. I know it's possible that they'll just ignore the requests, but you'll never be sure if you don't try.

Unfortunately LR will not reply unless legal action is started, which is what we are also waiting for.

AurumXchange however can (and is actually required to) block funds suspected to be in relation of known criminal activity.

True, if nobody reports anything, there won't be any crime, hacker walks away and everything's fine. Thing is we believe there is a high chance that this time legal action will be started, and within that context funds were blocked.

It is not up to any of us to judge if funds should be unlocked, we should have an actual court with an actual judge do an actual investigation first.

If nothing else, these transactions fall very squarely within the requirements for lodging AML suspicious activity reports so there's a chance that they'll be looked at more closely by financial intelligence units even if there are no police reports made.

absolutely! freeze all accounts of the involved parties until the community have clear answers!

it's just comming in my mind: is there a possibility to freeze bitcoin addresses also in the future by improving the protocol if the community decided to outlaw a bitcoin address because a hacker used it??

Yay! USD v2.0 here we come!
full member
Activity: 182
Merit: 100
I would say it is wise for someone to press criminal charges in Singapore immediately(that is where he is living right?), fraud/embezzelment/money laundering (this is what it's called when you transfer money "for a friend", lots of USD involved not just bitcoin), doesn't really matter. He should have his passport taken from him by the police to prevent him fleeing as once he is back in Main land China or another country it will be very difficult to catch him.

If he is innocent then he has nothig to worry about, it will all show in court. The time for talking on the forums has ended and the time for using the justice system that is available has arrived.

Nefario.

Press charges against a minor?
vip
Activity: 302
Merit: 253
China must be a wonderful place to live. I can only imagine the mess I would get myself into if I just wired $40k "for a friend" to one of my bank accounts.

China has strict limits on the amount and types of currency each person can convert annually.  It's not uncommon for Chinese small businesses with customers abroad to solicit the help of friends, relatives, employees in converting excess USD (or whatever) to CNY.
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
It is not up to any of us to judge if funds should be unlocked, we should have an actual court with an actual judge do an actual investigation first.

Instead, it's your job to libel against customers for things you have no proof of?

I do believe that I have not done any libel here. I only have presented facts and answered to questions. I suggest you review the definition of libel.


As representative of MtGox, I do confirm the following facts:

  • Upon hack of Bitcoinica's account on our platform, a large number of redeemable codes have been issued. Seeing a large volume of codes emitted by Bitcoinica didn't alert us at first as we assumed those were funds returned to Bitcoinica customers, however we were made aware it was not the case upon posting on this forum by Genjix about the account hack. We noticed that most of those codes were sent to AurumXchange.
  • Codes were all generated from IP 184.22.31.180 (184-22-31-180.static.hostnoc.net)
  • During the investigation, AurumXchange asked us if we knew anything about email address [email protected] which was used by the hacker according to AurumXchange. We found an account under this email which had some activity back in 2011, with access from both an IP at Microsoft Singapore then an IP at Amazon EC2 and which initial funds are deposited from an account known to belong to Zhou Tong.
.
While we have no definitive proof at this time, there is a definitive need for a proper investigation of what happened there. We have got no reply at this time from Bitcoinica LP and its representatives/owners regarding this matter despite many requests.


Mark, please post MtGox's customer privacy agreement here in this thread.

AurumXChange and BitInstant should as well.
legendary
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
The only entity which can provide such information with authority is Liberty Reserve itself.
AurumExchange, MtGox and Bitinstant, please, try to contact Liberty Reserve, in an official manner. If they don't respond, try to reach them via lawyers or something. I know it's possible that they'll just ignore the requests, but you'll never be sure if you don't try.

Unfortunately LR will not reply unless legal action is started, which is what we are also waiting for.

AurumXchange however can (and is actually required to) block funds suspected to be in relation of known criminal activity.

True, if nobody reports anything, there won't be any crime, hacker walks away and everything's fine. Thing is we believe there is a high chance that this time legal action will be started, and within that context funds were blocked.

It is not up to any of us to judge if funds should be unlocked, we should have an actual court with an actual judge do an actual investigation first.

If nothing else, these transactions fall very squarely within the requirements for lodging AML suspicious activity reports so there's a chance that they'll be looked at more closely by financial intelligence units even if there are no police reports made.

absolutely! freeze all accounts of the involved parties until the community have clear answers!
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
Doesn't Mike Hearn, a bitcoiner himself, work for Account Security at Google?
Maybe ask him for help with the Gmail access logs, Zhou Tong?

The hacker used Tor for all online communications. I'm looking for alternative ways to locate the person.

I have to say that it's not a good choice for AurumXchange to not include me in the investigation in the first place. I skipped a few classes this afternoon to deal with this mess. However, I have to admit that their intentions are understandable. It's just the fact that 90% of people believing me to be the hacker is driving me mad.

Which classes? Just curious.

This thread started at 4:00PM Victoria Time. I'm curious as to what time those classes started. And I thought you were still in Singapore.

~Bruno~
legendary
Activity: 1358
Merit: 1002
Seriously, you 3 together have done a much better investigation than any "actual investigation" most official judges or police bureaus in the world would. The only think you lack is "authority".

Yes, such a good investigation, and yet they can't prove anything and decided to release private customer information and libel against a customer in the process.

Class act.

Zhou, get a lawyer, but get one to sue these shmucks.


It is not up to any of us to judge if funds should be unlocked, we should have an actual court with an actual judge do an actual investigation first.

Instead, it's your job to libel against customers for things you have no proof of?


I'm gonna take a break from Bitcoin for a while. When I come back, I hope to see that it's returned to being Bitcoin again and not just a microversion of the US government with a bunch of hot-head businesses eager for attention.

Hey, I know you from somewhere... Aren't you that guy who advocates public disclosure for everything?
Do you like your standards like your testicles, two of each?
vip
Activity: 608
Merit: 501
-
It is not up to any of us to judge if funds should be unlocked, we should have an actual court with an actual judge do an actual investigation first.

Instead, it's your job to libel against customers for things you have no proof of?

I do believe that I have not done any libel here. I only have presented facts and answered to questions. I suggest you review the definition of libel.
Pages:
Jump to: