Recent data shows that as of Q3 2019, the total amount of money lost as a result of cryptocurrency crime this year has hit a whopping $4.4bn.
Of course, not all this was down to exchange hacks. Inside jobs, Ponzi schemes, exit scams, and malware all play a massive part as well.
That said, if the Binance hack taught us anything, it’s that exchanges are pretty fair game.
Check out the seven exchange hacks of 2019 so far. Can we expect any more before the year ends?
The year started off badly for New Zealand-based cryptocurrency exchange Cryptopia. On January 15, the lights went out and the exchange went quiet after discovering a “security breach”.
Cryptopia users were locked out of the exchange during a police investigation that failed to confirm the exact amount lost until the following month.
Kicking off the series of exchange hacks in 2019, Cryptopia lost around $16 million due to poor security practices. The exchange had been channelling all users’ funds into a pooled wallet.
The latest update for #Cryptopia stakeholders is now available. The next statutory report is due in early December and we will provide a formal update on the liquidation progress via this report. https://t.co/t6VDnjcKDx
— Cryptopia Exchange (@Cryptopia_NZ) October 25, 2019
Singapore-based DragonEx was the next of 2019’s exchange hacks on March 24, when it emerged that it had lost an “undisclosed” amount of funds. The company later announced via its Telegram channel that the losses amounted to $7 million.
The exchange did not promise to return users’ funds. However, it did work on a compensation plan to return lost funds in Tether or the Dragon Token equivalent.
Later that month, South Korean exchange Bithumb became the next cryptocurrency exchange to suffer a security breach. This was the second major hack to hit Bithumb since its inception.
The second time around, the damage was not as severe (the South Korean exchange lost a massive $31 million in 2018).
However, hackers still made away with $13 million worth of EOS and some $6.2 million worth of XRP. No user funds were lost in the hack, and the exchange maintained that it appeared to be an inside job.
We deeply apologize to our members for delaying the cryptocurrency deposit and withdrawal service, we would like to inform you of the circumstances of the grounds and confirm that your assets are safe.
For more details >> https://t.co/dOvT78P0sK
— Bithumb (@BithumbOfficial) March 30, 2019
Easily the most shocking of all the exchange hacks in 2019, the Binance breach in May really brought it home to cryptocurrency users that funds on any exchange are not safe.
After all, if even the mighty Binance can be hacked, what does that imply for smaller exchanges with less robust technologies and budgets? Hackers were able to steal a whopping $40.7 million (7,000 BTC) from the exchange’s hot wallet.
Binance claimed that this was just 2% of its total funds and that the rest was in cold storage. The exchange immediately halted all withdrawals and deposits for one week while it investigated and refunded all users from its SAFU emergency fund.
CEO Changpeng Zhao (CZ) admitted that it was “not the best of days”, but thanked the community for its support.
Not the best of days, but we will stay transparent. Thank you for your support!https://t.co/Y1CQOatEpi
— CZ Binance (@cz_binance) May 7, 2019
Another Singapore-based exchange, BiTrue suffered a hack of around $4.2 million of users’ funds in June. This time around, the hackers were after 9.3 million XRP tokens and 2.5 million ADA.
The exchange immediately reassured users via its Twitter account that all funds would be returned:
Dear Bitrue Users,
First of all, please let us assure you that this situation is under control, 100% of lost funds will be returned to users, and we are reviewing our security measures and policies to ensure this does not happen again.
— Bitrue (@BitrueOfficial) June 27, 2019
July was a horrible month for Japanese exchange Bitpoint as it lost a massive $28 million in different cryptocurrencies targeting more than 50,000 users. The breach was so severe that it stopped the exchange from operating for a month.
Luckily for its users though, Bitpoint’s parent company, Remixpoint, immediately promised to reimburse them and the exchange reopened for business in August.
The most recent of cryptocurrency exchange hacks took place this Wednesday at South Korean exchange UPbit. So far, it’s turned out to be the biggest hack of the year in terms of monetary value. Hackers were able to get away with some $50 million worth of Ether.
All trading and functionality are still currently suspended for the next two weeks as the exchange continues to investigate. However, UPbit maintains that the loss did not come from its users’ funds.
Exchange hacks – what can we learn?
With seven major exchange hacks in 2019 alone, including the mighty Binance and twice-hit Bithumb, what can cryptocurrency users learn?
Keeping your crypto funds on an exchange makes them vulnerable. Many exchanges have recovered or repaid cryptocurrency users, but others went into liquidation.
Not your keys, not your coins. If you’re holding any significant amount of virtual assets on an exchange, you may be next in line… the year’s not over yet.