The Inquirer-Home

Bitcoin exchange Mt Gox gets hacked, is accused of understating losses

CEO Mark Karpeles accused of 'misleading customers'
Mon Mar 10 2014, 13:11

WEB ACCOUNTS belonging to Mt Gox CEO Mark Karpeles were defaced over the weekend with links to a spreadsheet that apparently revealed data about customers of the Bitcoin exchange.

A blog post with a telling URL that includes the words "hack", "database", "revealed" and "from mark karpeless," has since been removed, but this weekend it offered a link to the database leak and an accusation that the Mt Gox CEO was misleading customers.

A Reddit post with the same headline has also been removed, but users have preserved it and saved it online at websites including Pastebin.

The 716MB document was accompanied by a message. "It's time that [Mt Gox] got the Bitcoin [community's] wrath instead of Bitcoin Community getting Goxed. This release would have been sooner, but in spirit of responsible disclosure and making sure all of ducks were in a row, it took a few days longer than [we] would have liked to verify the data," it said.

"Included in this download you will find relevant database dumps, csv exports, specialized tools, and some highlighted summaries compiled from data. Keeping in line with fucking Gox alone, no user database dumps have been included. Repost and share this info before it's gone. Lots of people, including us, lost money and coins."

The document shows a total Bitcoin inventory count of 951,116, which is more than the number reported by Mt Gox and could suggest that not all Bitcoins have been lost.

Mt Gox has not commented on this, but it has already said it will do its talking in the courts, and released a warning about reports of spam messages being sent to users (PDF).

"Spam Warning letter. It has come to our attention that Spam/Phishing emails looking as if MtGox was the sender are being sent to our users. These emails have not been sent by us and should be phishing emails," it said.

"Please be aware that MtGox Co., Ltd does not request personal information by email. We highly recommend not to respond to these emails. Further updates concerning the procedure of filing of claims will be posted on the MtGox website."

For its part, Reddit said that it had removed the parts of the post that were against its policies.

"Please refrain from posting database leaks from MtGox. As they were obtained by illegitimate means, they violate the rediquette and will be removed," it said.

"Discussing the leaks is not against the rules, as long as the post itself doesn't break other rules. By all means, have a discussion, but please be respectful of the law, subreddit rules and the rediquette."

Commenters are torn between anger and outrage and the belief that the document is overstated. The top comment said that the data proves nothing. "This has to be the stupidest 'leak' I've seen in my life," read one response.

"OF COURSE their internal systems will show they have the coins, but these are not real coins, these are just numbers in their [database]." µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Existing User
Please fill in the field below to receive your profile link.
Sign-up for the INQBot weekly newsletter
Click here
INQ Poll

Microsoft Windows 10 poll

Which feature of Windows 10 are you most excited about?