Well, to answer that question, you'd have to look at how many times in the past a person's account has been hacked into. And that would be a resounding "zero"! Nobody, to this day, has ever had their wealth siphoned out by an unscrupulous masked hacker breaking into our blockchain from the outside. However...
Funds have somehow still ended up being stolen from accounts, with an instance of this taking place just yesterday. How is this possible, you may ask? By Steemians using their "Master Key" (or "Owner Key" as it is sometimes referred to) as a means to interact with the Steem blockchain. This is a mistake of epic proportions and even more so given the fact the creators of this platform have provided measures against this sort of thing in the form of your "Posting Key" and "Active Key (their permission-based solution for us allowing for said user to only post blogs or transfer funds respectively). There is literally no reason to use the "Master Key" apart from changing any of your account passwords. And ironically, that is exactly what those criminal-minded lurkers have been able to get their hands on. I hate when people liberally thrown around the phrase "hacked", when in truth we ourselves voluntarily hand out the information from which spammers can then infiltrate funds and accounts. The term "hacking" doesn't even come close to what's actually happening.
One important thing to keep in mind and I cannot stress the significance of what I'm about to say. In a decentralised and free market blockchain system such as Steem (and crypto, in general), the onus is on "you" to keep your account and records intact. Some may not like this unique ideology of self-governing independence, it which case there's nothing more to see here. Move along please. The very fact of the matter is being part of a unregulated, self-autonomous environment means acting responsibly within the constructs of the infrastructure at hand. In our case that translates as, ALWAYS USING YOUR "POSTING KEY" TO LOGIN AND NEVER, UNDER ANY CIRCUMSTANCES, OPEN UNVERIFIED LINKS. It's understandable mistakes do happen but distributing out your most sensitive data online could be seen as gross negligence on our part, especially if already forewarned about such activities.
Another point I want to make and this one is a little controversial. But hell, it needs to be said. Criminal elements that spoof accounts and attempt to gain access to our accounts do perform a function on the blockchain. That being, to try and steal our valuable data. You can't stop them because this is a decentralised system. Where policed rules and choice stem from what the community dictate them to be. Spammers, spoofers and phishers have every right to be here just as you or I do. There is literally no getting round that so acceptance is key here. However, what we "can" do is strategise against them by implementing our own personal solutions that guard and protect the data we place such importance on. Kicking, screaming, cursing and abusing them after the event will do nothing but most likely cause a chuckle of defiance. Instead, focus on remain strictly on preventative actions or prepare for serious regrets in the future. Harsh, I know, but true.
I'm saying this because having your accounts defiled must be soul-destroying and I "do not" wish that on anybody here with even a modicum of dignity and respect. So I say this. Let the crooks to their very best, as long as we consistently continue do ours too.
