On Oct 5, 2011 the Bitcoin7 exchange website posted a message to its users that it had been subject to a hacking intrusion that compromised their wallets and their user database.

“While our investigation is still going, evidence reveals that the attacks originated from Russia and Eastern Europe,” wrote the proprietors of Bitcoin7. “The attack itself took action not only against the bitcoin7.com server but also against other websites and servers which were part of the same network. Eventually the hackers managed to breach into the network which subsequently lead to a major breach into the bitcoin7.com website.”

The message promises an investment in new personnel and technology to overcome the situation and suggests that they’re attempting to gather their finances in order to reimburse their users. However, currently reimbursement appears to be extremely tedious and difficult to overcome. E-mails sent to Bitcoin7 users have directed them to hand out extremely personal banking information in order to withdraw the bitcoins they may still have in Bitcoin7’s wallets.

The sensitive information includes:

• Scanned ID/Passport;
• Proof of address/utility bill;
• Proof of funding or your bank statement;
• ABA/SWIFT number for bank transfer;
• Bank name and address.

I didn’t have to give out this much information when I was renting a new apartment. Most people who invest in bitcoins would balk at sending this much sensitive information over the Internet to a business that just showed that it doesn’t have the wherewithal to protect themselves from hackers.

It raises the question: How is all this useful anyway? Did Bitcoin7 originally require a scanned ID for logins? It seems that getting hacked has made the staff at Bitcoin7 a bit paranoid and perhaps a little bit overzealous. People with less than a few bitcoins on the system (probably most of them) won’t want to bite at this level of intrusion.

Hacked and fallen exchanges mean bitcoin traders need to stay smart

Community confidence in Bitcoin7 is not high. The only communication from the site has come from the unsigned sparse messages on the front page in fixed-width font. Many bitcoin users have been comparing the event to the hack of MyBitcoin, which included a lot of anonymous actors and the loss of a great deal of bitcoins from the market. Bitcoin’s exchange and wallet host history is rife with losses including one hack that struck Mt. Gox (the largest exchange in the market) and a technical snafu that wiped out Bitomat.pl.

It does not lend much assurance that Bitcoin7 only had a 1-year, private domain name registration with GoDaddy that hasn’t even existed an entire year yet. Registered in June 2011.

The bitcoin ecology is filled with scams, start-up gimmicks, and myriad other Johnny-come-lately outfits that get flocked to by the community because there’s nothing else to fill the vacuum. The amount of total insecurity in the market and its technological backing means that overall confidence is constantly falling in the media and possesses bad press.

The currency itself has a lot of underlying security and could be inherently safe, if only the very institutions that have grown up to exchange it would mature enough to protect themselves.