Edit: Noticed your OpSec comment below. I work in the field as well (SANS 504, 542 certified) and I may be overly cautious here but I would rather be wrong than see any accounts compromised.
Good observation on the usernames. Yes they're numerical and unfortunately only 5 or 6 digits in length which wold take very little effort to enumerate and likely they way they were captured. This is almost the same as having the username db table stolen (minus services/admin accounts).
I still suggest as a precaution QuadrigaCX should reset all user passwords or at least suspend account withdrawal until root cause analysis is performed. In addition, they should re-assign harder to brute-force usernames as the the attackers might already know which accounts are valid . However, because they know what the valid accounts are, they can continue to attempt to login to them. A Captcha will slow them down temporarily but not stop them.
As it stands, any account that failed to implement second factor for authentication are very likely at risk of having their accounts compromised, especially if that user happened to re-use a password that was compromised elsewhere. In addition, some people will even re-use their compromised "complex" e-mail passwords for other services rendering e-mail as a second factor useless.
I recommend others here check what e-mail accounts they used to sign up for a QuadrigaCX account at https://haveibeenpwned.com/. This is a good resource to "Check if you have an account that has been compromised in a data breach".
Yeah, it's hard to know what this will work out to. For all we know it could be a tenth of a cent on the dollar, so $5k would pay $5.
It's also possible you'll be paid even if you don't do this (less likely, but maybe).
Personally I opened it in Google Drive using https://dochub.com and it was super simple to fill and sign. It took maybe 5m. (This was my first time using this service, but their privacy policy seemed okay)
Hey everyone, I built the app that everyone, including myself is dying for. Let me know if you have any feature requests or issues! The app will require you to create an API key through the Quadriga website. I highly advise setting the locked deposit addresses when creating the key.
https://play.google.com/store/apps/details?id=com.matthewpatience.canextrader
On https://haveibeenpwned.com/ only 1 of the 2 addresses has any pwnings: address was pwned once in a Bell hack in 2017.
Circumstantially, this suggests these email addresses weren't widely used.
1) QuadrigaCX-Trouble Shoot Have you tried the long ID Verification method? Or start over a new account registration going through Equifax again? Equifax verification is Instant! You need to have all your basic personal info ready (SIN#, maiden name, bank and loans info). 2) Set up an account with Bitfinex https://www.bitfinex.com/ 3) Use Credit Card to purchase via CoinBase (very expensive as they wrap a 10+% fees inside the exchange rate) 4) Take your cash and go to BTM. Figure out the withdrawl part later when the other regular CryptoTrading account verification settles.
Fair points. Except the one about complaints; CoinBase is one of the biggest exchange in the world and it's American so of course there are more complaints on reddit.
I don't know which exchange truly is the most popular in Canada; market data suggests that GDAX (Coinbase) reports all trades in USD, so the only crypto/CAD pairings listed on coinmarketcap.com are for QuadrigaCX and Kraken (didn't even know that one was in Canada). Coinquare appear to have some BTC/CAD volume too. Coinbase has an app, and it's ranking #16 in Canada on Google Play (https://www.similarweb.com/apps/top/google/store-rank/ca/all/top-free). QuadrigaCX doesn't have one.
I'm all for QuadrigaCX being better than Coinbase, it's just that I feel they are in a position where they could be #1 by far in Canada and they just have to seize it. More coins, an app (I don't care for it but so many newcomers do apparently), and credit card payments would make it perfect in my eyes.
In the highly connected world we live in it's almost impossible to disappear without a trace. There is an excellent book called How to Disappear by Frank Ahearn. From Amazon "How to Disappear is the authoritative and comprehensive guide for people who seek to protect their privacy as well as for anyone who’s ever entertained the fantasy of disappearing—whether actually dropping out of sight or by eliminating the traceable evidence of their existence.
Written by the world’s leading experts on finding people and helping people avoid being found, How to Disappear covers everything from tools for disappearing to discovering and eliminating the nearly invisible tracks and clues we tend to leave wherever we go. Learn the three keys to disappearing, all about your electronic footprints, the dangers and opportunities of social networking sites, and how to disappear from a stalker."
https://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778
​
I have read the book a number of times and one of the worst ways to disappear is to fake your own death. The other thing is when a person suddenly disappears what happens is there is always someone in that persons circle of friends who becomes completely obsessed with the case. In Gerald Cottons case we have a situation where many highly intelligent people from around the world are on the case and becoming obsessed by it. If this is an exit scam - (which many people including myself believes it probably is)and if Cotton is still alive then it's only a matter of time before he is found and brought to justice.
​
Everything about the case is suspicious and it reeks of an exit scam. Apply the duck test: If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.
This book was written by a former incel on how he overcame the mindset:
"The Boy With Zero Self-Esteem and How Cannabis Helped Save His Life"
A Review:
Read:
Hey, I just built an app for QuadrigaCX, mainly because I wanted it for myself but also figured everyone else could use it. Saw your post so I thought I'd let you know. Let me know if you have any feature requests or experience any bugs.
https://play.google.com/store/apps/details?id=com.matthewpatience.canextrader
Oh like buy on Quadriga and then withdraw it? I personally only use the Quadriga wallet so I am not sure which ones are a good choice. Hardware wallets are always a good option as they are secure and you have complete control over your keys. I don't have enough invested in quad right now to justify one, but maybe later.
Trezor currently on sale.
Hope this helps!