Yesterday, at approximately 9 PM CET, our co-founder Jani’s Gmail account has hacked by a currently unknown person(s). The attacker(s) then managed to reset the password to Jani’s Cashila account and proceeded to withdraw approximately 13 BTC from Jani’s own personal funds.
We responded to this incident Immediately by taking Cashila offline for a complete audit of the website and all related services. This decision was based on the fact that Jani’s Gmail account is used for various other services where the attacker(s) could potentially cause harm. After we made sure that it was only his personal Cashila account that was breached, Cashila resumed normal operations.
What does this mean for you ?
First and foremost, rest assured ALL YOUR FUNDS ARE SAFE. The breach affected only one personal account. The security of Cashila has not been compromised in any way.
After we confirmed the scale of the attack and verified that Cashila wasn’t compromised in any way, we put the site back up at around 1 AM this morning. All services are operating normally with the exception of BTC withdrawals, which will also be working later today.
We strongly advise all users to set up two-factor authentication. 2FA provides your account with important additional security features, making even an attack such as this one a whole lot tougher.
The security breach is being investigated by private and public security specialists. We will provide further details as soon as possible.