NEW YORK (InsideBitcoins) — Blockchain.info, a leading bitcoin exchange, issued a security disclosure this morning:
When making a scheduled software update overnight to our web-wallet, our development team inadvertently affected a part of our software that ensures private keys are generated in a strong and secure manner.
The issue was present for a brief period of time between the hours of 12:00am and 2:30am GMT on December the 8th 2014. The issue was detected quickly and immediately resolved. In total, this issue affected less than 0.0002% of our user base and was limited to a few hundred addresses.
“We are currently researching specific incidents, working with affected users, and reimbursing those users which lost funds.”
We have sent an alert to all users who have potentially vulnerable addresses in their wallets, for which we have an email on file. We are committed to working with any affected users to assess and rectify any issues.
If you created a wallet, generated a new address via Blockchain.info’s web-wallet, or sent bitcoin from your wallet during this time period and have not provided us with your email address, please contact our support desk at email@example.com or simply create a new wallet.
Addresses, wallets and transactions created via the Blockchain.info iOS and Android apps, and the Chrome extension are not affected.
Speculation on popular bitcoin boards is estimating the number of bitcoin lost during the event at 250 BTC, with a current value of about $90,000.
In a request for a comment, Nicolas Cary, CEO of Blockchain.info told Inside Bitcoins, “We are currently researching specific incidents, working with affected users, and reimbursing those users which lost funds.”
IMPORTANT: security disclosure to our users re: potentially vulnerable addresses: http://t.co/fBsEV3rdGL
— Blockchain (@blockchain) December 8, 2014