Hackers force closure of Canadian Bitcoin exchange Cavirtex

Canadian Bitcoin exchange Cavirtex has announced its imminent closure following an apparent security breach.

The exchange, believed to be Canada’s biggest, has already ceased taking new deposits and will halt withdrawals from 25 March.

The decision to close the exchange came on Sunday after it discovered that an older version of its database may have been compromised:

On February 15, 2015 we found reason to believe that an older version of our database, including 2FA secrets and hashed passwords, may have been compromised.

Fortunately, Cavirtex said that the database in question did not include identification documents.

In a statement published on Tuesday, the company elaborated on its decision to cease trading, citing uncertainty over security and potential reputational damage:

Because security and the safety of customer funds are paramount to our mission and the success of Bitcoin in general, CAVIRTEX has determined to cease active operations in the Bitcoin business and to return all customer funds. We believe that the damage to the company's reputation caused by the potential compromise will significantly harm our ability to continue to operate successfully.

As a result of the potential compromise of our database we cannot be certain of the confidentiality of account credentials.

The Cavirtex team said customer funds were not affected and the company remains solvent and fully able to cover all withdrawals made prior to its 25 March deadline.

The company urged users to change their passwords immediately – watch our video to learn how to pick a strong one – and delete any Cavirtex cookies from their browsers.

Speaking to CoinDesk, Cavirtex vice president Kyle Kemper said the exchange had been targeted by hackers before, and that the protection of customer balances was becoming ever more challenging:

[The closure] has entirely to do with the fact that some of our databases were compromised. And, given the history of hackers against us, you know, it seems to be kind of never ending. We never lost any client funds but its getting to the point where it could happen.

Cavirtex joins a long list of Bitcoin exchanges to experience the attention of virtual currency hackers:

• In May 2012 Bitcoinica was allegedly fleeced out of $225,000 before experiencing a further $90,000 loss later that same year.
• September 2012 saw the then fourth largest exchange Bitfloor lose $250,000 after an encryption lapse during a server upgrade.
• Various small exchanges in Australia, China and Denmark disappeared in November 2013, along with investors’ cash, after claiming they’d been hacked
• 2014 saw the fall of the greatest exchange, as Mt. Gox announced it had lost around half-a-billion dollars worth of Bitcoins following alleged insider fraud.

More recently, Bitstamp suspended its service after losing $5 million in BTC after hackers targeted its hot wallet and then, earlier this week, Chinese exchange Bter claimed to have lost $1.75 million after its cold wallet system was hacked.

For all its attractiveness as an alternative currency, Bitcoin and the associated trading of the currency still appears to be a bit wet behind the ears – so it may be wise to think twice before putting all your virtual coins in one virtual basket.

Image of Bitcoin courtesy of Shutterstock.