Establishing Digital Trust: Don't Sacrifice Security for Convenience
On January 5, 2015, the leading bitcoin exchange Bitstamp announced that one of its operational wallets had been breached.
"As a security precaution against compromises, Bitstamp only maintains a small fraction of customer bitcoins in online systems," the company said in a statement. "Bitstamp maintains more than enough offline reserves to cover the compromised bitcoins."
In the meantime, Bitstamp asked all customers not to make deposits to previously issued bitcoin deposit addresses, and suspended its services pending an investigation of the breach. "We will return to service and amend our security measures as appropriate."
In an update posted the following day, the company stated, "Bitstamp customers can rest assured that their bitcoins held with us prior to temporary suspension of services on January 5th (at 9am UTC) are completely safe and will be honored in full."
"This breach represents a small fraction of Bitstamp's total bitcoin reserves, the overwhelming majority of which are held in secure offline cold storage systems," the company stated. "We would like to reassure all Bitstamp customers that their balances held prior to our temporary suspension of services will not be affected and will be honored in full."
"We appreciate customers' patience during this disruption of services," Bitstamp added. "We are working to transfer a secure backup of the Bitstamp site onto a new safe environment and will be bringing this online in the coming days."
The company also stated that the stolen funds amounted to "less than 19,000 BTC."
Cryptocoins News reports that the total amount stolen appears to be 18,866 BTC, approximately $5.6 million, which comprises about 12 percent of Bitstamp's total reserves.
On January 6, 2015, Bitstamp CEO Nejc Kodric tweeted, "Our redeployment is up internally and is being filled with backup data for testing. Relaunch ETA ~24-48h. Thank you for your patience!"
The following day, Kodric tweeted, "We are fully rebuilding our systems from the ground up so that customers can use Bitstamp with full confidence and trust," then added, "My earlier tweet of 48 hours was a rough timeframe. We are testing our redeployed system internally before going live again to customers."
That timeframe continues to be unclear -- Reuters reported on January 6 that Bitstamp co-founder Damijan Merlak told the Slovenian state news agency STA, "At present we are setting up a duplicate of the whole infrastructure with experts in San Francisco which should be finished within 24 hours. Then we will be able to resume our services."
In a blog post examining the breach, security consultant Egor Homakov wrote, "Five. Million. Dollars. In a hot wallet. ... Bitcoin exchangers must understand one simple thing: you're going to be hacked. That's the truth you have to accept and build your entire architecture around."
"Bitstamp clearly wasn't ready to be hacked," Homakov added.
Bitcoin banks and exchanges are a logical target for hackers -- in March 2014 alone, bitcoin bank Flexcoin shut down after 896 BTC was stolen from its hot wallet, cryptocurrency exchange Poloniex announced that 12.3 percent of its bitcoin holdings had been stolen, and bitcoin exchange CoinEX lost all funds when its wallet server was hacked.