CoinWallet, an online bitcoin and multicoin wallet service has announced the closure of its services. The announcement cites a recent data breach that struck the wallet and bitcoin services provider on April 6, 2016. Online multicoin wallet service Coinwallet is shutting down its services following…
CoinWallet, an online bitcoin and multicoin wallet service has announced the closure of its services. The announcement cites a recent data breach that struck the wallet and bitcoin services provider on April 6, 2016.
Online multicoin wallet service Coinwallet is shutting down its services following a recent data breach. Although the extent of the breach hasn’t been determined, the incident led CoinWallet management to conclude that recovery and realigning costs would not be feasible, thereby announcing the closure of the service in its entirety.
The announcement also leaves no reason to believe that the service will be resumed at a later time.
The blog post revealed a “small error” among the code that proved to be the bitcoin service provider’s undoing.
“Despite our best efforts, there was a small error in a part of our code that should have checked and sanitized user input on a recently added function,” CoinWallet explained.
No coins were lost as a result of the breach, thanks to a backup security infrastructure that ensured the system worked as it should. The vulnerability has since been patched, although the extent of the breach is still being determined by the wallet service.
Notably, the announcement urges users to change passwords on other websites and crypto-related domains, if a common username and password has been shared. Users’ passwords, while encrypted and salted for additional security on CoinWallet, can still be compromised.
For its part, London-based CoinWallet has reset all user passwords and deleted all issued API keys.
The announcement read:
This incident prompted us to reassess the viability of running coinwallet.co and it was decided it is just not viable taking into consideration the risk, costs and time involved.
CoinWallet users are advised to withdraw all their coins before May 1, 2016. Since coins weren’t affected by the breach, they are available for immediate withdrawal.
The service added that a large a volume of transactions is expected over the following days and weeks, cautioning users against possible delays in processing some transactions. However, CoinWallet also assured users that it will process all outstanding transactions before its impending closure.
Cybersecurity-related incidents are fairly common among crypto-service providers and websites. Bitcoin exchange Shapeshift.io was the target of one such breach in recent times, an incident that led to the shutting down of trading before the website was taken offline entirely, for an upgrade of its infrastructure. At the time of publishing, Shapeshift remains offline, citing downtime.
Featured image from Shutterstock.
Last modified: January 25, 2020 11:17 PM UTC