I am not as computer literate as most of you. I have some dumb questions. Please be patient with me.
1. Is the *only* data that has been lost the user names, email and hashed password? Is there any way these people can get at my wallet? (I had nothing at Mt. Gox so I have no worries about that)
2. Can they get at the account from which I sent money to Mt Gox?
3. How could this have happened? I expected a person handling this kind of money would be secured like my bank website. On the other hand, why did everyone trust him?
4. Is Mt. Gox giving any accountability such as taking steps to secure what information has not been lost yet?
5. Luckily I used my Mt Gox password only there. What steps should I take to secure other data I have?
thanks
1. This is the only data that
we know of that was leaked. No, there is no possible way they can get to your wallet unless they got into your computer via a remote connection using your password.
2. If you used the same password, yes.
3. Most likely SQL injection, I'm surprised that in 2011 people are still not using prepared statements for querying the database. Because it is the most popular? Didn't have any problems for a long time.
4. Most likely.
5. If you used the same passwords as the one as Mt. Gox, change it.