Canadian Bitcoin exchange Cavirtex is shutting down, after hackers managed to compromise its systems, stealing hashed passwords and two factor authentication (2FA) secrets.
In a statement posted on its website, Cavirtex announced its closure, and that trading would cease on March 20 2015. Balance withdrawals will proceed until 25th March.
Cavirtex, which has been operating for the last three and a half years, is keen to underline that it remains solvent, and that customers’ funds were unaffected by the security breach.
Nonetheless, the damage to Cavirtex’s reputation is done - and it clearly feels that it can’t recover from the situation.
Clients are advised to wipe their browsers of Cavirtex cookies and change their passwords. It makes sense, as ever, to ensure that you are not using the same passwords anywhere else on the net.
Effective immediately, CAVIRTEX intends to cease carrying on an active Bitcoin business and will be winding down its operations in an orderly manner. As a result, effective immediately, no new deposits will be accepted by CAVIRTEX. Trading on CAVIRTEX will be halted effective March 20, 2015. Effective March 25th, 2015, no withdrawals will be processed. CAVIRTEX will communicate with any account holders that continue to hold balances after March 25, 2015.
We have maintained 100% reserves. CAVIRTEX is solvent and remains in a position to accommodate all customer withdrawal requests received prior to March 25, 2015. However, On February 15, 2015 we found reason to believe that an older version of our database, including 2FA secrets and hashed passwords, may have been compromised. This database did not include identification documents.
Because security and the safety of customer funds are paramount to our mission and the success of Bitcoin in general, CAVIRTEX has determined to cease active operations in the Bitcoin business and to return all customer funds. We believe that the damage to the company’s reputation caused by the potential compromise will significantly harm our ability to continue to operate successfully.
As a result of the potential compromise of our database we cannot be certain of the confidentiality of account credentials. Please log into your account and change your password immediately. Please also clear your CAVIRTEX browser cookies. BTC and LTC withdrawal will remain temporarily disabled.
Coindesk reports Caviretx’s CEO as saying that the company has been targeted by hackers for some time. Some how I doubt that they’re only Bitcoin exchange in the sights of online criminals.