Bitbns incident update 22nd feb
Hi
On 22nd feb morning 21 users in total suffered an issue with their account. On their account users could see a few withdrawal requests placed. This was resolved promptly and all user wallet balances were restored back. These were withdrawal requests from a different account which was visible in their UI.
We investigated the issue and identified a few things as to why it happened and have fixed it so that this does not occur again.
Would still cover a few security best practices to ensure your account has the best in class security. This is paramount as crypto prices are rising and attacks also have increased substantially.
We request users to update their passwords in case they use the same password on other websites. This is critical because if some other website gets compromised and their data gets leaked an attacker might have your login and password for bitbns as well if you use the same on bitbns.
2nd reinitiate your 2 factor authentication. This is a safety step to ensure no one earlier has gotten access to it can use it. It’s recommended that you keep creating a new 2fa every once a year or so. This is a security best practise and would ensure even if someone gets access to your earlier device where you might have authenticator they would still not be able to utilise it as you have changed 2fa. We would be disabling 2fa for users by 1130 am India time on 24th feb . And then users can now reinitiate their 2fa from 1145 am 24th feb
Ensure you do not have any unused chrome extensions on your system. There have been cases where crypto funds have been stolen where some earlier well known extensions had been acquired by some crypto hackers and they have used those extensions to sniff around credentials and other details. Great suspender has been one such chrome extension and there are others.
If you use API to access the exchange ensure the key is changed periodically.
With crypto prices increasing we anticipate more user level attacks that can occur. We have been working tirelessly to ensure exchange level attacks are countered and regularly do stress testing for the same. At the same time user level security is paramount and we would be working towards educating users consistently to enhance their security.
Till then
Onwards to a more secure crypto experience
Team Bitbns
