Hi wizzy, The Silk Road database was not compromised during the DDOS attack (a DDOS is simply a group of computers bombarding a website with traffic - i.e. attempting to access the site at one time) so there is no way the attacker gained access to your password or PIN. Even in a hypothetical situation where the database does manage to be compromised, user information is all hashed ("encrypted", in a way) so the person trying to access your account would have to brute-force your password. If you are using a relatively strong password this would take between a few thousand and millions of years. The chances of them brute-forcing your password AND your PIN are nigh on impossible. The ONLY possible ways for someone to have gained access to your password and PIN are by you entering them on a phishing site or accessing Silk Road via onion.to on the clearweb and the onion.to operators recorded your keystrokes. The second possibility is unlikely, though completely possible. Remember that if you enter your details on a phishing site they will usually automatically forward you to the real Silk Road site and log in with your password so you won't realise. They will then empty your account of your Bitcoin either automatically or when the phisher realises that somebody has fallen victim to their site. Silk Road will NEVER ask you for your PIN when you are logging it, it is used strictly for making purchases and withdrawals. Whenever you are asked to enter your PIN, check that you are on the correct site: silkroadvb5piz3r.onion Never trust any links you find online, neither on the Hidden Wiki nor anywhere on the clearnet. Memorise the real address or bookmark it in your Tor browser and ALWAYS make sure you're visiting the correct site. Thread locked as resolved. Libertas