Consumer Security

Thieves Take $5M Bite Out of Bitcoin Exchange

An estimated US$5.2 million was stolen over the weekend from Bitstamp, a digital currency exchange.It has suspended services pending an investigation.

The company assured its customers that bitcoins held with Bitstamp prior to suspension of services were completely safe and would be honored in full.

Bitstamp on Sunday discovered that some of its operational wallets had been compromised resulting in a loss of less than 19,000 BTC. After making that discovery, it advised its customers to stop making deposits to the exchange and suspended services. Law enforcement authorities are assisting the company’s investigation.

The breach represents just a small fraction of the exchange’s reserves, most of which are held in secure offline cold storage systems, according to Bitstamp.

Bump in the Road

Although this bitcoin exchange robbery isn’t in the same ballpark as the $400 million in losses suffered by customers of the Mt. Gox exchange last year, it is more surprising, noted Richard Kohl, an early stage investor and bitcoin business architect.

“It is disappointing, because there was a greater deal of trust in the people running Bitstamp,” he told the E-Commerce Times.

“The digital currency community felt the technologies used by Bitstamp were superior to Mt. Gox,” Kohl said. “We obviously know now that we still have a long way to go. This is a sign of that, but it’s only a small bump.”

Bitcoin will continue to grow as a currency regardless of what happens at a single exchange, he maintained.

“Bitcoin itself is a peer-to-peer network like the Internet. If a website goes down — like Amazon — it doesn’t mean the Internet goes down. That’s what happened with Mr. Gox and, to a smaller extent, with Bitstamp,” Kohl explained.

“Bitcoin will continue to grow,” he said. “it’s one of the fastest-growing economies in the world.”

Not Ready for Prime Time

Nevertheless, the Bitstamp breach highlights two pain points in the bitcoin ecosystem for potential mainstream users: security and consumer protection.

“For the digital currency industry to gain broad public acceptance and greater use, cybersecurity should be a top priority,” Harley Geiger, senior counsel for the Center for Democracy & Technology, told the E-Commerce Times.

Any penetration of the system can be expected to shake confidence.

“Although this breach is relatively small in comparison to the Mt.Gox breach a year ago, and according to the notice on Bitstamp’s website will not affect consumer assets, it still continues to raise questions as to the viability of bitcoin as a mainstream alternative,” noted Nathalie Reinelt, a retail banking and payments analyst with the Aite Group.

Other financial institutions are targets of cybercrime, of course — bitcoin exchanges aren’t alone.

“The big difference, however, is that when large mainstream financial institutions and merchants are attacked, consumers have peace of mind,” Reinelt explained, “knowing that their finances will not be impacted since their accounts are insured, and those breaches almost never result in the suspension of entire services.”

That’s not the case with the Bitstamp breach.

“Consumers who need to transact with their Bitstamp accounts are dead in the water right now, and that’s a problem for an industry that keeps insisting it’s ready for prime time,” Reinelt said.

Niche Market

Complicating matters, certain practices of Bitstamp and other bitcoin players should cause the skepticism antennae of consumers to twitch — for example, the stashing of bitcoin reserves in cold storage offline systems.

“Many bitcoin-based businesses do this, which should raise a red flag for consumers,” Aite Group’s Reinelt said.

“If bitcoin companies don’t trust the ecosystem, to the point where they are taking their digital currency offline, why should consumers?” she asked.

“Given that the bitcoin community has been pushing mainstream adoption so intensely over the last year, their own lack of faith in bitcoin security should remind the risk-averse consumer to steer clear of this payment alternative,” added Reinelt.

Security concerns could act as a drag on bitcoin growth.

“Bitcoin has a small core of believers, but the mainstream isn’t jumping into bitcoin,” Will Norton, an attorney with Baker Donelson’s business technology group, told the E-Commerce Times. “That’s why it will be a while, if ever, before bitcoin becomes ubiquitous.”

John Mello is a freelance technology writer and contributor to Chief Security Officer magazine. You can connect with him on Google+.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories
More by John P. Mello Jr.
More in Consumer Security

E-Commerce Times Channels