An intruder was able to access the instawallet database. As a result, all "hidden" urls, i.e wallets, have been compromised and are no longer safe to store bitcoins.
So, how are they any good to handle the refunds with / base refunds upon? Surely the hacker could just submit all the URL's he found (and copied) straight into the refund process and cash out again?
