Yet another man who wants to punish honesty? They could claim that the attacker used the proper user credentials to login on the server and nobody would be able to disprove that.
>They have a track record of having security issues
Please, provide a proof-link.
>they are not PCI compliant;
No credit card credentials have been stolen. It's that bitcoin service kept the keys insecurely. Bitcoin transactions should be signed on a machine w/o public access from the Internet (1) and have a threshold for transactions which have not yet been reviewed manually (2). Having these two practices implemented they would lose not more than that threshold (say, $1k-$5k).
>and unless they replace every single last BTC, I am going to just go ahead and state they never did care about their customers.
I have not heard about such a practice in the digital world. Nobody can make a 100%-secure system. But everyone can stay honest and improve security when a vulnerability has been found.
Yet another man who wants to punish honesty? They could claim that the attacker used the proper user credentials to login on the server and nobody would be able to disprove that.
>They have a track record of having security issues
Please, provide a proof-link.
>they are not PCI compliant;
No credit card credentials have been stolen. It's that bitcoin service kept the keys insecurely. Bitcoin transactions should be signed on a machine w/o public access from the Internet (1) and have a threshold for transactions which have not yet been reviewed manually (2). Having these two practices implemented they would lose not more than that threshold (say, $1k-$5k).
>and unless they replace every single last BTC, I am going to just go ahead and state they never did care about their customers.
I have not heard about such a practice in the digital world. Nobody can make a 100%-secure system. But everyone can stay honest and improve security when a vulnerability has been found.