$41 million stolen from cryptocurrency exchange Binance

Cryptocurrency exchange, Binance, has announced a “large scale data breach” confirming its loss of 7,000 bitcoins.

Binance, one of the largest cryptocurrency exchanges, released a statement May 7 disclosing that a large scale data breach has occurred, whereby hackers stole $41 million in cryptocurrency.

The statement said that the hackers had used a variety of techniques including phishing, viruses and other attacks. The hackers had obtained API keys, two-factor codes and other information. Binance added that additional accounts may have been affected but these have not yet been identified.

Binance reported that the bitcoins were withdrawn from a hot wallet, which contains approximately 2% of the exchange’s total bitcoin holdings. Binance emphasizes that all of their other wallets are secure and were unharmed.

Changpeng Zhao, Binance chief executive said in the statement:

“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks.”

“It was unfortunate that we were not able to block this withdrawal before it was executed,” Zhao added.

The withdrawal triggered security alarms at Bianance, however the alarms came too late and was not fast enough to stop the transaction.

Binance has announced that the company will undergo an in-depth security investigation to ensure no other hackers are controlling any accounts. Binance has also revealed that it would be absorbing the damage, and thus will use the #SAFU fund to cover the incident. Therefore user funds will not be affected.

Deposits and withdrawals will be suspended until the company investigation is completed, however trading will remain open.

“We strive to maintain transparency and would be appreciative of your support,” Zhao said.

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/