When Bitcoin’s popularity starts to sore, so do the security requirements for websites holding large amounts of Bitcoin. Adding to the long list of Bitcoin payment processors and exchanges that have taken large hits is always an odious task. On Novemeber 17, 2013 BIPS had 1,295 BTC stolen; the bitcoins are still being held by the attacker at this address: 1LuG91tcSQxKj32BsCoRkX7yQLfj9LtkCs.
The anatomy of the attacks is beyond my skill to properly report; read the original story here.
This hacking of Bitcoins brings to mind many questions about Bitcoin security for newcomers to the Bitcoin sphere, undoubtedly. I suppose it is worth repeating that the Bitcoin protocol, with the exception of a quickly remedied exploit many years ago, has never been compromised. BIPS, like many before it, was attacked from a different vector essentially boiling down to a compromised email and password combination. Bitcoin has power because it is a decentralized system, and the only person that has the ability to spend your coins, to trust them to another person, is you. This puts more due diligence responsibility on the average person than is present in the rest of society. Trusting your Bitcoin to an online service, no matter what their track record or security protocols are, is always a risk because there is now a centralized point of failure beyond your control. BIPS users clearly see that now.
Have a cryptic day, mis amigos.