We are continuously working to figure out what has happened regarding the reports of the missing bitcoins.
You can see within one day what happened on your gaming server in regards to a certain account.
We have time stamp of a login with the correct password that made a successful withdrawal on both accounts, that we looked up in a few minutes.
One of the things we are looking into is if there are one or several phishing attempts, what they look like, how many accounts could have been affected, tricked by the phishing. Is it even a phishing or did someone get hold of all passwords, or some passwords, or is it a list of user accounts from other websites and so on - its not exactly a one day thing.
Whats time consuming is:
What we are trying to figure out is if the fault is ours OR If the user simply did not have a secure password or used the same password as they did on other websites, ect ect.
If the site or servers have been compromised, we will refund the user accounts in question.
OR
If the user got his password typed in by inputting the password in the password field as intended we will not refund.
A 2 factor authentication system would have eliminated this problem and should probably have been implemented a long time ago. As much as we are now rushing to develop this feature, At this moment the site is as provided without 2 factor authentication.
* We got one report of a user who clicked a Bitcointalk phishing link, entered his information and then got his balance stolen on Satoshidice.
Which bitcointalk user name was it?
If the user wants to tell us all publicly, he or she may choose to do so.