UPDATE (10th March, 8:35 GMT): There is good reason to believe that, while the data files may be genuine Mt. Gox data, .exe and Mac .app files within the dump are bitcoin wallet-stealing trojans. If you have somehow found a link to the files mentioned here, as we warned below, DO NOT OPEN THEM. If for some reason you have, transfer your bitcoins to another wallet immediately. _________________________________________________________________
Hackers (or disgruntled insiders) claim to have released a 700+MB file of Mt. Gox operational information and transaction data, including one sheet claiming the exchange could still have a balance of over 951,116 BTC.
One of the hackers managed to post the data on Gox CEO Mark Karpeles’ own blog, then announced the feat on Reddit. Karpeles’ site has since gone completely offline and Reddit moderators deleted the original post.
At press time the mods were engaged in a cat and mouse game with other community members who re-posted the original quote and several links claiming to be mirrors of the stolen data.
In a profane rant, the original announcement said:
“It’s time that MTGOX got the bitcoin communities wrath instead of Bitcoin Community getting Goxed. This release would have been sooner, but in spirit of responsible disclosure and making sure all of ducks were in a row, it took a few days longer than would have liked to verify the data.
Included in this download you will find relevant database dumps, csv exports, specialized tools, and some highlighted summaries compiled from data. Keeping in line with fucking Gox alone, no user database dumps have been included.”
“Repost and share this info before it’s gone. Lots of people, including us, lost money and coins.” Of primary interest to others was a file called ‘trades_summary’, which purported to show Mt. Gox’s balances in all available currencies.
This showed a balance of 951,116.21905382 bitcoins, with an accusation that Karpeles was lying about his company having no bitcoins to return to customers.
Many have pointed out that, even if the data is genuine, it could only represent the amount Mt. Gox believed it had in its reserves before shutting down, rather than an actual amount, and is not evidence of actual reserves.
Also included in the dump were a collection of .csv files detailing transactions and trades, Mark Karpeles’ own CV and a document containing two separate ‘home addresses’ of his in Tokyo.
The directories contained several executable files that readers would be well advised not to open on internet connected computers, no matter how many online commenters claimed their authenticity. Supposedly they are Mt. Gox’s own proprietary back office tools, though CoinDesk has not verified this and original files could have been altered before being posted on mirror sites.
Reddit users claim to have verified the data by examining spreadsheet material and looking up their own account balances.
Forbes reported that another post on the bitcointalk forums (also since deleted) claimed to have 20GB of stolen Gox data on a hard drive that they were willing to sell to cover their bitcoin losses. This supposedly included all user information, including photo ID scans from customer applications.
CoinDesk is monitoring this developing story and will post any new and relevant information if it becomes available.