January 7, 2020
Twelve major cryptocurrency exchange hacks occurred in 2019.
Of these, 11 hacks resulted in the theft of cryptocurrency while one only involved stolen customer data. In total, $292,665,886 worth of cryptocurrency and 510,000 user logins were stolen from crypto exchanges in 2019. Cryptocurrency exchanges experienced more hacks last year than in 2018, when only nine cryptocurrency exchanges fell victim to security breaches.
As time goes on, you might think that cryptocurrency exchanges would become more secure. The reality, however, is that more hacks on cryptocurrency exchange are taking place year after year. In general, crypto exchanges remain unregulated, and it’s still unclear which regulatory agency has jurisdiction over the crypto markets.
Although there are no established rules regarding how cryptocurrency exchanges should safeguard customer funds, there are crypto-friendly countries and states. Canada, Malta and the American state of Wyoming have created crypto-friendly legislation that makes it easier for businesses to operate and gives them guidelines regarding security practices.
Sadly, not all countries have created guidelines or laws that help crypto businesses operate and reduce the risk for consumers. The way cryptocurrency exchanges store and protect their customer’s wealth differs from exchange to exchange; unfortunately, this makes cryptocurrency exchanges a hotbed for hacks that result in the theft of cryptocurrency or customer data. Let’s take a closer look at the cryptocurrency exchange hacks of 2019 and how much cryptocurrency, fiat and customer data was stolen in each incident.
Date: Jan. 14, 2019
Headquarters: New Zealand
Amount stolen: $16,002,108
Just two weeks into the year, the first hack on a cryptocurrency exchange took place. New Zealand-based Cryptopia was hacked for over $16 million worth of cryptocurrency at the time. Social media users started their own investigation, according to which, over 20 different cryptocurrencies were taken from the exchange’s hot wallet.
Date: Jan. 26, 2019
Amount stolen: $27,000
A few weeks later, the popular over-the-counter Bitcoin exchange LocalBitcoins was the victim of a security breach. Attackers were able to replace the official link to the exchange’s forum with a fraudulent link that led users to a fake page that resembled the discussion board but collected the information of the users who attempted to log in.
The attackers used the information they obtained to steal 7.9 Bitcoin — worth $27,000 at the time — from at least six user accounts.
Date: Feb. 15, 2019
Amount stolen: 450,000 account usernames and passwords
In just the second month of the year, Israel-based cryptocurrency broker Coinmama learned that its database had been breached. As a result, an estimated 450,000 user account logins and passwords had been compromised and posted on a darknet registry.
Date: March 24, 2019
Amount stolen: $7.09 million
On March 24, Singapore-based exchange DragonEx posted in its official Telegram group that it had experienced a hacking attack, and as a result, a portion of the users’ and the platform’s crypto assets had been stolen. Days later, DragonEx released an announcement on its website, saying: “On March 24th, DragonEx suffered APT attack, which is the greatest challenge since DragonEx was first launched in the year of 2017. 7.09 million USDT assets are stolen.”
Date: March 25, 2019
Amount stolen: $105 million
Just two days after the DragonEx hack, another cryptocurrency exchange in Singapore, CoinBene, was hacked. Many CoinBene users became suspicious of a hack when the CoinBene site unexpectedly went down for maintenance. Individuals who were tracking the CoinBene hot wallet noticed that a whopping $105 million worth of crypto assets had been removed. Even though all of the evidence is on the blockchain, CoinBene continues to deny that it was ever hacked.
Date: March 30, 2019
Headquarters: South Korea
Amount stolen: $18.7 million
March was a bad month for cryptocurrency exchanges. Just a few days after the CoinBene hack, Bithumb was hacked for an estimated $18.7 million — $12.5 million in EOS tokens and $6.2 million in XRP. Unlike other exchange hacks, Bithumb believed that the theft was an inside job committed by a former Bithumb employee who had access to its hot wallets.
Date: May 7, 2019
Amount stolen: $40 million
On May 7, Binance — the world’s biggest cryptocurrency exchange — experienced a security breach. As a result, 7,000 BTC, equivalent to $40 million at the time, was stolen. In addition, Binance said that hackers were able to obtain user API keys, two-factor authentication codes and possibly more user information.
Later, on Aug. 7, it was revealed that hackers were in possession of over 60,000 pieces of Know Your Customer data from the Binance exchange. An individual going by the name “Bnatov Platon” said he or she hacked the individuals that hacked Binance back in May and discovered that the original hackers had also gained access to 60,000 pieces of customer KYC data, including the photo IDs of 10,000 Binance users.
Date: June 1, 2019
Headquarters: United Kingdom
Amount stolen: $10 million
In June, GateHub made an announcement, saying 100 of its users’ XRP wallets had been compromised. A GateHub community member took a deep dive into the hack and discovered that by June 5, 23,200,000 XRP had been stolen from 80–90 of these wallets — the equivalent to about $10 million at the time.
Date: June 26, 2019
Amount stolen: $4.23 million
At the end of June, Bitrue was hacked, and roughly $4.23 million was stolen. Hackers learned of a vulnerability in Bitrue’s security that gave them access to about 90 user accounts. Afterward, hackers used what they learned from their 90-account takeover to successful compromise Bitrue’s hot wallet. As a result, 9.3 million XRP and 2.5 million ADA were stolen.
This article was posted: Tuesday, January 7, 2020 at 5:01 am