Who needs the FDIC? $250,000 Bitcoin heist leaves virtual currency exchange safe empty

Bitcoin bank run

The new online currency Bitcoin has always been proud of its lack of government oversight.  But that might be a less touted feature now that Bitfloor, the currency-trading environment for Bitcoin, has been robbed.

Bitfloor founder Roman Shtylman posted an open letter on the Bitcoin forums admitting that: “Last night, a few of our servers were compromised. As a result, the attacker gained accesses to an unencrypted backup of the wallet keys… This attack took the vast majority of the coins Bitfloor was holding on hand.”  A later update stated that the hackers transferred 24,000 Bitcoins — around $250,000 in U.S. currency — to an unknown location, clearing out all of Bitfloor’s virtual cash reserves. 

Shtylman promises to pay back users who’ve lost their Bitcoins using “current available funds.”  The speed of that repayment may be an important factor for users: Over the span of only months, the value of Bitcoins has been up and down more than a yo-yo on a roller coaster.  In the last 18 months, a Bitcoin went from being worth $15, to $3, to a few cents, to today’s $10 value.  So 24,000 Bitcoins tomorrow could have a very different value from 24,000 Bitcoins today, leaving even repaid users very unhappy.

Equally upsetting to those who’ve parked their money in Bitcoin wallets was what the security breach implies about the company’s internal security.  The fourth response to Shtylman’s open letter read simply: “Unencrypted backup???”  Shtylamn immediately explained that the unencrypted backup was created when he “manually did an upgrade,” but reiterated that he wanted to “focus on the future.” This is not the first time Bitcoin has lost money to hackers, but the discovery that they have user information stored in unencrypted files might be what finally prompts a full-fledged run on the Bitcoin bank; no one’s eager to keep their money in an unlocked vault.

Mainstream economics writers are enjoying a good chuckle at the crushing of Bitcoin’s libertarian dreams.  Solidly centrist website The Atlantic was happy to point out that U.S. banks are FDIC insured in order to guarantee that in the event of a robbery, account holders don’t have to depend on the goodwill of the bank manager to get their money back. Bitcoin’s popularity as currency of choice for skeevy sites like drug-dealing marketplace Silk Road further ensures that getting robbed doesn’t win it much sympathy, and there’s no word on whether Bitcoin will turn to the government agencies it previously scorned in order to track down the thieves.

Bitfloor is shut down while Shtylman scrambles to repay users.  He promises that international users who wish to withdraw their money can send him an e-mail requesting withdrawal, a weirdly informal system for currency exchange which calls to mind disturbing images of Depression-era banks understaffing their teller windows so customers couldn’t take out all their money at once. There would be a certain delicous irony if the latest debacle reminds the idealistic libertarians of Bitcoin exactly why government currency regulations became popular in the first place.

Update: Roman Shtylman is not being sued, the article in question referred to Bitcoinica founder Zhou Tong. We regret the error. The story has been updated to correct this inaccuracy.

Editors' Recommendations