Bitmain Advises Users to Reset Passwords and 2FA due to Server Compromise

108



Interesting developments in the world of cryptocurrency can be found virtually every other day. The latest form of news comes in the form of how the Bitmain team announced a security notice. Various customers have been notified of a potential breach and are asked to change their password. No accounts were used for nefarious purposes, but it is possible the assailants stole some sensitive and personal information. Not a good day for the Bitmain team, that much is evident.

For the time being, it remains a bit unclear as to what happened to Bitmain exactly. A notice on their website says how one of their servers has been compromised. Criminals obtained some important account security information, such as encrypted passwords, email addresses, and phone numbers. While the company employs strong encryption, they still advise customers to change their account password. Additionally, they also suggest users should unbundle their Google Authenticator and set it up again from scratch. This latter part is rather unusual, to say the least.

Reset Your Bitmain Account Passwords Now

There also appears to be some confusion as to how affected users are alerted. Some sources claim the company hasn’t even contacted users via email. That is never a good security practice by any means. If people don’t log in to the Bitmain website, they may never be aware of this security issue in the first place. Changing passwords is also a bit problematic, by the look of things. It is certainly possible some users may get locked out of their accounts completely due to this hack. All things considered, a very problematic development for Bitmain. This can certainly hurt the company’s reputation even more.

Do keep in mind these accounts are used for mining purposes and buying hardware from the company. There is no cryptocurrency balance stored on the accounts, thus no money is missing. It does show criminals continue to harvest emails from people involved in cryptocurrency activity. It is certainly possible we will see these emails used by future phishing campaigns. Defrauding cryptocurrency users is a lucrative business, especially when it comes to wallet scams and ICO hacks.

All of this goes to show companies in the cryptocurrency world are still a weak link. More specifically, their websites are a big security risk. This goes for manufacturers, exchanges, and wallet providers alike. Any reliance on a traditional system to keep information safe isn’t going to work. One would expect companies such as Bitmain to take better security precautions, but they haven’t. A very disturbing development in this regard. It remains to be seen if the company will unveil how the hackers gained access to one of their servers.

Header image courtesy of Shutterstock

About JP Buntinx

JP is a freelance copywriter and SEO writer who is passionate about various topics. The majority of his work focuses on Bitcoin, blockchain, and financial technology. He is contributing to major news sites all over the world, including NewsBTC, The Merkle, Samsung Insights, and TransferGo.