Popular bitcoin trading platform BitQuick announced last week that it would suspend all its services for the next two to four weeks to investigate a cyber attack that occurred on March 14, 2016.
The website acknowledged that the perpetrators of the crime were partially successful as they managed to breach BitQuick’s security, gaining access to the backend operations with administrative privilege.
To their credit, BitQuick’s security staff spotted the attack when it was still at an early stage and proceeded onto shutting down all its servers in order to prevent further damage, as reported by Catalin Cimpanu of Softpedia.
The company can not tell for sure what information the attackers managed to steal during the breach. However, it was quick to point out that no funds were stolen. In addition, BitQuick also confirmed that email addresses or personal data (e.g. passport data, driving license, or any other identity proof) belonging its users were not compromised.
Within 24 hours of the attack, all BitQuick users were notified of the breach along with a detailed withdrawal instructions to all the sellers on the site. The company also stated that all transactions had been duly processed except for three percent of the money it stored before the attack (which is currently unclaimed).
To mitigate any security loophole that led to this recent attack, the company will be conducting a thorough audit in the coming weeks. An internal investigation was commissioned right after the attack was spotted and repelled.
“Once the investigation has been completed, the attack vector has been patched, and the rest of the source code has been audited for security,” said the company.
BitQuick services will remain shut for the next two to four weeks because of the ongoing security audit.