Steemit announced on their website that they were hacked.

The attack, according to them, has compromised about 260 accounts. A little less than US$ 85,000 worth of Steem Dollars and Steem are reported to have been taken by the attackers.

In the security announcement CEO of Steemit Ned Scott said:

“User accounts and wallets are not at risk, and we hope to soon reactivate the Steemit website to normal order. Any users whose accounts were compromised will be completely reimbursed.”

Law enforcement informed

At the moment it appears that the virtual currency itself has not been compromised but only the Steemit website has had issues. Steemit have informed their partner exchange Bittrex, who are helping with the investigation of the hacking incident. Steemit have also informed authorities including the police and the FBI of the hack.

What is being done

Some hours later Steemit have released another statement which says that they have been able to coordinate elected witnesses to secure compromised accounts which have balances of more than US$ 100. Ned Scott the CEO further states that:

“Within the next 48 hours, Steemit will begin to allow all newly secured accounts to reset their passwords simply by logging in with the same Facebook or Reddit credentials that were used to register in the first place. This easy process will work for the vast majority of the potentially compromised accounts. All of these account holders will regain full access to their funds and their original account name.”

Refund for users

Bittrex, on their part, temporarily suspended deposit and withdrawal of Steem and Steem Dollars at their exchange.

Steem has asked its users to contact their support team at [email protected]/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */ if their account was not created through facebook or reddit.

For the users that used their social networking Ids to create the account, they will be able to login using the same credentials they originally used within 48 hours.

It is expected that most users will be able to regain full access to accounts and funds. Steem it is advising their users to reset account passwords. Ned Scott in his communique has assured users again that “Any Steem or Steem Dollars stolen from compromised accounts will be fully refunded by Steemit.”