On Monday, August 21st, the reports on Bitmain, a high-end ASIC chip manufacturer and Bitcoin mining operation, being hacked began to appear on reddit.com and on the company's forum.
Thus, some of Bitmain’s customer data was allegedly compromised leading Bitmain to ask users to change their passwords. There's a screenshot of an e-mail that the user claims he received from Bitmain posted on Twitter:
Jihan strikes again... pic.twitter.com/JCOqcIfFUC
— Don SegWit (@smartbrain) 21 августа 2017 г.
According to the information the reddit.com user andonevris told ethnews.com, the greeting message did actually look like a hacking attack report:
I can confirm. I tried to log in to my account yesterday and was greeted with a message that the server had been breached and user data was stolen but was encrypted, also advised to change my password.
However, fortunately for Bitmain, the reason for the need for password changing is, probably, quite different.
Thus, Bitmain has not confirmed the hack on any of its official channels, while many users have complained about a recently implemented two-factor authentication (2FA) process on the company’s forum. It’s possible that Bitmain hastily enacted 2FA to address the password theft. A significant number of customers did not previously have 2FA enabled and now, for some reason, when these users try to log in, the Bitmain website requests a non-existent 2FA code.
The company's representatives claim that all services of the system have been checked and no vulnerabilities were revealed.