Take care of your username and password. Use strong passwords and enable two-factor authentication to protect your account
UPDATE 2019-05-30: The bot login attempt incident has stopped. It lasted some 48hrs and it seemed to be part of the bigger attacks in Asia (we heard that some other systems were attacked too). We will be collecting all the data, also the emails that were tried to be used towards our systems even they are not our customers and notify them about the potential breach in their accounts. We recommend everyone to keep their username+password safe and always use strong and unique passwords with online services. We also recommend enabling 2-factor authentication if you can. The good thing is that our system was working as expected and there was no issues with system integrity. We will, however, enforce some additional security configurations to everyone’s wallet account: this will have a bit of negative impact in user experience, but it will have positive impact for users account security.
Dear all wallet users!
This is an important security announcement and reminder to everyone using our wallet system, provided by PayApi Escrow.
Yesterday, Tuesday May-28th, we started to notice unexpected or unusual traffic towards our wallet system. Unexpected and unusual because of the logic and actions of such originated traffic.
This traffic was originated from multiple locations, which means that a bunch of bots have tried to login to our users’ accounts, using a big list of username/password combinations. This list of username/password combinations is most likely originated from the black market or some other previously breached website and/or application.
Our system has so far detected over 1M login attempts since yesterday. Most of these are done with an unknown username to our system, but some of them are also done with a known username. This means that if your username (email) and password combination is not unique for our wallet system (e.g. you use the same password in any other website) , your account may have been compromised! If this is the case, we suggest you to change your password immediately and to use a strong and complex password, which is unique to our system, to prevent any unauthorized access to your wallet account. It is your responsibility to safeguard your wallet and to keep your wallet credentials safe.
Recommended Action: To change your password, please login to your account, click your profile avatar, click Security and enter your old and new password. You can also use the "Forgot password" functionality to reset the password.
We also recommend you to enable 2-factor authentication in your wallet, to further improve the security of your account. You can use for instance Google Authenticator mobile application for this purpose.
Recommended Action: To enable 2-factor authentication, please login to your account, click your profile avatar, click Security, click Authentication, click Configure and then follow the instructions in the screen by scanning the QR code with your authentication application.
PLEASE TAKE THIS ACTION NOW, IF YOU FEEL THAT YOU HAVE A WEAK/BAD PASSWORD OR IF YOU FEEL THAT YOUR USERNAME OR PASSWORD MAY HAVE LEAKED OR YOU USE THE SAME PASSWORD IN ANY OTHER WEBSITE.
What does this mean? With FinTech services and applications, this is business-as-usual. However, because this is first of such event for PAE Wallet, we will continue monitoring the situation carefully. We will also make it mandatory and enforce the use of PIN code for any wallet transfers and for any withdrawals to prevent and minimize any misuse. This is not convenient from user experience point-of-view, we know, but it is better from the security perspective. While we implement this change, we have disabled all wallet withdrawals temporarily.
For avoidance of doubt, it should be confirmed that our system is safe and secure, and has not been compromised! But instead there is an external organization using bots and known username/passwords lists against our wallet login system and against our users.
PAE Wallet Team
The Sapphire Coin® (SPH) is a new cryptocurrency for online gaming, gambling and betting. ClickJackpot® is a new skill-based, patent pending, gambling game with one of the biggest jackpots in any lotto, gambling or betting scenario. You click to play and play to win.
SapphireCoin – Currency of the Winners