For the past two days bitcoin enterprise BitGo has remained somewhat publicly silent about the Bitfinex hack, outside of a single tweet they sent out when the news broke which said there was “no evidence of a breach to any BitGo servers.”
In a new more extended update from BitGo CEO and co-founder Mike Belshe, he confirmed again that BitGo has not been compromised and that BitGo has worked as it was supposed to work when protecting client funds.
The CEO says that the issue is specific to the way Bitfinex configured their implementation of the BitGo system, which was unique to Bitfinex and doesn’t impact other bitcoin exchanges. Belshe wrote,
“Our job is to protect your Bitcoin and continue to improve the security of the service. BitGo systems were not breached in this attack and our software functioned correctly. This may seem like an inadequate explanation, because everyone wants to know “what needs to change to avoid what happened in this case,” and we understand that. Fortunately, the Bitfinex configuration was unique and other BitGo customers do not need immediate changes. In the wake of this event, however, this is an opportunity for everyone to do an in-depth review of their security processes and risks. In the event your systems are compromised, what is your maximum exposure?”
Unfortunately since BitGo is involved in the active investigation, they can’t reveal too much information at this time, making the update somewhat more vague than most would prefer.
The uniqueness of the Bitfinex setup lends more credibility that it was configured in such as way that it was related to the CFTC regulatory guidelines enforced on Bitfinex in June, but is still undetermined at this time if it’s the root cause of what created the vulnerability for the exchange.