Re: User-Datenbank von Mt Gox veröffentlicht, ändert eure Passwörter!
1. Greift am 16. oder 17.06. die Seite an
Dem würd ich so zustimmen, der veröffentliche Teil der DB ist entweder nicht vollständig oder der eigentliche Angriff fand schon vor ein paar Tagen statt, denn in der veröffentlichten Liste fehlen die ca. 500 letzten Accounts. Die höchste ID in der Datei ist ~61000, heut morgen war man bei mtgox aber schon bei ~ 61500.Der Rest ist aber alles reine Spekulation, das weiß nur der Hacker selbst bzw MtGox der es eventuell an Hand der Logdaten rekonstruieren kann.
Japs, und die Hashes lagen schon vorher bei Online Hashdatenbanken vor
Btw. hat MTG grad eine Email rausgelassen. Hoffentlich schicken die bei den Leuten mit Email eine Bestätigung zum PW ändern, nicht einfach alle freischalten. :/
Quote
Dear Mt.Gox user,
Our database has been compromised, including your email. We are working on a
quick resolution and to begin with, your password has been disabled as a
security measure (and you will need to reset it to login again on Mt.Gox).
If you were using the same password on Mt.Gox and other places (email, etc),
you should change this password as soon as possible.
For more details, please see this:
https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback
The informations there will be updated as our investigation progresses.
Please accept our apologies for the troubles caused, and be certain we will do
everything we can to keep the funds entrusted with us as secure as possible.
The leaked data includes the following:
- Account number
- Account login
- Email address
- Encrypted password
While the password is encrypted, it is possible to bruteforce most passwords
with time, and it is likely bad people are working on this right now.
Any unauthorized access done to any account you own (email, mtgox, etc) should
be reported to the appropriate authorities in your country.
Thanks,
The Mt.Gox team
Our database has been compromised, including your email. We are working on a
quick resolution and to begin with, your password has been disabled as a
security measure (and you will need to reset it to login again on Mt.Gox).
If you were using the same password on Mt.Gox and other places (email, etc),
you should change this password as soon as possible.
For more details, please see this:
https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback
The informations there will be updated as our investigation progresses.
Please accept our apologies for the troubles caused, and be certain we will do
everything we can to keep the funds entrusted with us as secure as possible.
The leaked data includes the following:
- Account number
- Account login
- Email address
- Encrypted password
While the password is encrypted, it is possible to bruteforce most passwords
with time, and it is likely bad people are working on this right now.
Any unauthorized access done to any account you own (email, mtgox, etc) should
be reported to the appropriate authorities in your country.
Thanks,
The Mt.Gox team