In an effort to help users keep their accounts secure, BitPay actively monitors authentication attempts to our platform. We, like many other websites, often see credential stuffing attacks where malicious actors use usernames and passwords stolen from other site breaches in massive automated login attempts. If we detect a successful login to your account from one of these automated attacks we proactively disable the password on your user account to prevent additional access and notify you about the activity.
If confidence is high, this action is immediate. In some cases attackers may evade detection, or we may not immediately have high confidence about all users who were targeted successfully. In these cases, you will not be notified for hours or days after the attack has taken place. We will let you know in the notification email what date the activity was detected.
As always, we highly recommend enabling two factor authentication on your user account to prevent unauthorized access, even in the case of someone obtaining your password.