Update: Bitstamp has confirmed on the Bitstamp.net website further:
BITSTAMP SERVICE TEMPORARILY SUSPENDED
We have reason to believe that one of Bitstamp’s operational wallets was compromised on January 4th, 2015.
As a security precaution against compromises Bitstamp only maintains a small fraction of customer bitcoins in online systems. Bitstamp maintains more than enough offline reserves to cover the compromised bitcoins.
IN THE MEANTIME, PLEASE DO NOT MAKE DEPOSITS TO PREVIOUSLY ISSUED BITCOIN DEPOSIT ADDRESSES. THEY CANNOT BE HONORED!
Customer deposits made prior to January 5th, 2015 9:00 UTC are fully covered by Bitstamp’s reserves. Deposits made to newly issued addresses provided after January 5th, 2015 9:00 UTC can be honored.
Bitstamp takes our security and soundness very seriously. In an excess of caution, we are suspending service as we continue to investigate. We will return to service and amend our security measures as appropriate.
This evening, Bitstamp began sending out emails to customers that stated:
Today our transaction processing server detected problems with our hot wallet and stopped processing withdrawals.
You should STOP SENDING bitcoin deposits to your Bitstamp account IMMEDIATELY as private keys of your deposit address may be lost.
Your bitcoins already deposited with us are stored in a cold wallet and can not be affected.
We will send you more info as soon as possible.
The emails were allegedly sent to the customers of Bitstamp over the past several hours. Many in the community were unsure if the emails were legitimate as Bitstamp had yet to confirm that they were behind the email via any other channels.
The emails, which do have valid SPF headers, were further confirmed. At approximately 11:45pm EST, the Bitstamp website added a new message stating:
DO NOT DEPOSIT TO PREVIOUSLY PROVIDED BITCOIN DEPOSIT ADDRESSES. DEPOSITS SENT TO PREVIOUS ADDRESS WILL NOT BE HONORED. NEW DEPOSIT ADDRESSES ARE FORTHCOMING.
Coin Fire has been able to independently confirm with unnamed sources at Bitstamp that an issue does currently exist and that they are working to ascertain further information. One source stated,
We are working to determine what has gone wrong. The majority of our coins are swept and placed in cold storage often so this shouldn’t be a major issue right now but we are still working to determine the breadth of the issue. This seems to be a server issue and not a compromise but our teams are still investigating.
Coin Fire will be following this story as it continues to develop.