The crypto industry has been the target of hackers ever since its inception. The lack of regulation within the industry makes it particularly vulnerable to breaches and it means customers may not be able to get their funds back in the event of them being stolen.
Let’s take at some of the biggest crypto hacks and leaks that have taken place in the cryptocurrency industry. You may be surprised to see some well-known exchanges on our list of cryptocurrency hacks.
What you'll learn 👉
1. BitGrail hacked in 2018
We begin our list by taking a look at a hack that affected the Italian crypto exchange BitGrail. It led to over $146 million in funds being stolen and around 230,000 users being affected. This was a relatively small exchange and it highlights the risk of trading with unreliable exchanges that may not have sufficient security protections in place to prevent these hacks from occurring. Always do your research!
2. Binance hacked in 2019
But, even the biggest crypto exchanges aren’t immune to hacks and lacks. Binance learned that lesson in 2019 when their platform was hacked and over 7000 Bitcoin was stolen (valued at $40m million at the time). But, it wasn’t just funds that were stolen. Two-factor user codes and API tokens were also taken. Binance CEO Zhao Changpeng stated, “The hackers used a variety of techniques, including phishing, viruses and other attacks”. This attack highlights how even the most well-known crypto exchanges can still have security vulnerabilities.
3. Coinbase hacked in 2021
In October, Coinbase, which is the second-largest crypto-exchange, had a data breach meaning over 6000 users may have had funds drained. The exploit was related to a flaw in Coinbase’s two-factor authentication. Funds were immediately reimbursed with the exchange investigating further. Despite going public this year, even Coinbase could not sufficiently protect itself from a cryptocurrency breach.
4. KuCoin hacked in 2020
Another prominent crypto exchange that was affected by a security breach was Singapore-based KuCoin. Last year it was the victim of a hack that led to $218 million in funds being stolen by suspected cryptocurrency hackers from North Korea. They were also able to obtain the private keys of some of the biggest wallets on the exchange. Thankfully, the company was able to recover most of the funds and refund their customers. This was made possible due to a thorough investigation that was able to identify the cryptocurrency hackers.
5. MtGox hacked in 2014
Sadly, many customers often don’t get their funds back when a hack occurs. In 2014, over $450 million of Bitcoin was stolen from MtGox, a Japanese exchange. Funds were not returned to customers and the breach eventually led to the collapse of the exchange. Several lawsuits were filed against the company.
6. Coincheck hacked in 2018
Another cryptocurrency exchange that happened in Japan involved the crypto-exchange Coincheck. $534 million was stolen, and customers were eventually reimbursed, although the process was time-consuming.
7. Poly Network hacked in 2021
Bitcoin exchange hacks aren’t just a thing of the past. Just a few months ago, the Chinese exchange Poly Network had $610m worth of cryptocurrencies stolen from its platform. The funds were returned by the hackers and the exchange is beginning to reimburse customers. However, this case shows that even if funds are returned, the process of getting your crypto back can be time-consuming.
8. BuyUCoin was hacked in 2021
Aside from funds being hacked, there are also instances of customer data being leaked. BuyUCoin, an Indian crypto-exchange, was affected by a hack that led to the personal data of 161,400 traders being leaked. It was revealed that three separate breaches occurred in June, July, and September. Data included personal contact information, encrypted passwords, wallet details, bank details and transaction history.
9. Robinhood was hacked in 2021
Even the most robust security measures can sometimes not be enough to stop a crypto exchange hack that relies on social engineering. Robinhood is a popular stocks and crypto platform that suffered a data breach in November 2021 which led to millions of customer names and email addresses being taken. A hacker somehow led a customer representative to give them access to customer support systems. Robinhood must rethink its security protocols to avoid a similar breach in the future. This is an example of how technical security is not enough. Staff must also be given the right training to make sure they follow the correct procedure at all times.
10. Blockfolio was hacked in February 2021
Earlier this year, hackers were able to gain access to Blockfolio, which is a crypto portfolio management app owned by FTX. The hackers sent offensive push messages which went out to registered users.This was a unique crypto hack since no funds or details were stolen. However, it underlined a key security weakness and similar cryptocurrency exchange hacks could have severe consequences if misinformation can be widely sent out. This hack underlines the importance of strong access management and comprehensive security audits.
Measures to prevent hacks
As we saw from the Binance example, biggest doesn’t always mean best, even the largest exchanges have been subject to hacks and leaks. There are a number of measures that can be implemented to prevent hacks and breaches.
Regulation and security
Many aspects of the cryptocurrency industry remain unregulated, however, certain exchanges adhere to traditional financial regulations. These provide additional protection for customers.
Below are examples of crypto exchanges that adhere to stringent regulations and have the highest levels of security on their platforms.
1. Crypto.com
A good example of a secure and regulated platform is Crypto.com. All of the cryptocurrencies on their platform are held offline in cold storage, which is the most secure way to digital currencies.
Additionally, their cryptocurrencies are insured by $360 million in case of damage or theft. The crypto exchange implements a rigid security process that is embedded throughout the business. It remains one of the few platforms that has not been subject to any hacks or breaches. The platform has a plethora of security certifications and they are regularly audited by top security professionals.
2. Currency.com
Currency.com is a crypto exchange that adheres to the financial regulations of NBRB (National Bank of the Republic of Belarus). This is the only region that provides legal regulation of blockchain technology. Notably, this exchange has been regulated since its inception. This means that it can protect customers before waiting for further crypto regulations to come in.
Currency.com uses cutting edge technology to keep customers safe and as of yet has not experienced any hacks or breaches. When considering the trading volume of this broker, that is an impressive feat. Although it may not be as well-known as other exchanges, it has firm foundations in place due to the stringent security technology and adherence to regulations.
3. Gemini
Another exchange that has a robust security protocol is Gemini. They provide $200 million in crypto-insurance for clients and the majority of coins are held in cold storage, which is generally considered the safest option. These coins are insured and customers have the option to purchase additional insurance if they wish. Gemini also has a ‘bug bounty’ which is where ethical hackers are rewarded for finding any potential exploits. This helps to patch potential vulnerabilities before they can be exploited.
The Final Word
Many people ask the question ‘can cryptocurrency be hacked’? The answer is a resounding yes. Sadly, hacks and breaches remain a common occurrence within the wider cryptocurrency industry, but also in the traditional financial industry. The lack of regulation means there is an insufficient security protocol and therefore major incidents are likely to continue. The best way for a client to protect themselves is to do their research and select a cryptocurrency exchange that has regulations in place.
Sometimes the biggest exchanges aren’t necessarily the most secure. It is always advisable to do your research and follow basic security guidelines when accessing your account.