The largest existing exchange for altcoins, Mintpal, has put up a notice on their support page alerting all Mintpal customers that they have been attacked. They stated that the target of this attack was the exchange’s stock of VeriCoins.

VeriCoin is a “Proof-of-Stake Verified. Proof-of-Work Distributed. Network-Stake-Dependent Interest” crypto-currency that boasts a minimum stake time of 8 hours, with no maximum stake time or amount.

Mintpal made a point of saying that their security was indeed breached, but that VeriCoin was the only thing taken from the exchange’s possession. While a substantial amount of VeriCoins were lost in this security breach—although Mintpal has not said specifically how many were lost—VeriCoin and the VeriCoin network was not compromised and did not suffer from any damage as far as security and infrastructure are concerned. Mintpal stated that they have been working diligently ever since the attack to secure both the exchange itself and the withdrawal process of the exchange so that another attack such as this one does not happen again. No other crypto-currencies were stolen in this attack, and the exchange is currently processing withdrawals for all other crypto-coins.

Furthermore, serving as a breath of optimism in the aftermath of the attack, the Mintpal team, the VeriCoin developers, and all other major altcoin exchanges are working to create a hard fork in VeriCoin’s blockchain, starting at a point before the attack. If this hard fork is successful, Mintpal will be able to retrieve all of the stolen VeriCoins and process all VeriCoin withdrawal orders. The Mintpal team also mentioned in their announcement that they will be working to reimburse the losses that any exchange suffers as a result of the fork.

Customers can expect the Mintpal support lines to be clogged up and busy in the next few days, as they will be dealing with the fallout from this attack. The team has asked for customers to have patience with them in the coming days, as they will be working at full steam to straighten out any problems arising from the attack while also improving their security to avoid another security breach.

So, while this event has uncovered a flaw in Mintpal’s security, and while many VeriCoins were lost in the breach, Mintpal and the VeriCoin development team assures the exchange customers and VeriCoin users that they are doing everything they can to return the stolen coins, restart the exchange’s VeriCoin withdrawal process, and improve the security of the exchange.

Mintpal is the single largest altcoin exchange in existence at the present moment, having two or three times the amount of activity as Cryptsy, another altcoin exchange that offers a variety of crypto-currencies, including VeriCoin and Bitcoin. Apparently, Mintpal has not been using cold storage to safely hold their funds that are not being actively used in transactions, since the attacker(s) were able access the exchange’s stock of VeriCoin—and would presumably be able to access the rest of the exchange’s crypto-currencies if they desired to. This event surely will inspire Mintpal, as well as any other exchanges that are not using it, to start utilizing cold storage in order to keep their funds safe from future attacks.

Coin Brief will continue to follow this story and will provide updates on any developments that are released by Mintpal and the VeriCoin development team.

Here is the Mintpal announcement in its entirety: