But it does happen. Here are the 5 biggest crypto exchange hacks of all time.
Mt.Gox – 750,000 Bitcoins
This one is the single most famous crypto exchange hack in history. Mt.Gox was the biggest bitcoin exchange at the time and was operating since 2010 in Japan. There were 2 incidents involving hacks, but the last one gave the final blow.
The first incident occurred back in June 2011 when a hacker successfully transferred 2,609 bitcoins to another address. This happened after the hacker got access to Mt. Gox credentials and lead to a suspension of operations that lasted several days.
By 2014 Mt. Gox was handling about 70% of the world’s Bitcoin Transactions, and the leaked amount was just as big as the company. The exchange lost more than 750,000 Bitcoins or around $350 million. This was enough to make them stop operations and file for bankruptcy.
Bitfinex – 119,756 Bitcoins
At the time this was the second biggest cryptocurrency hack after Mt. Gox incident.
It happened in August 2016, when Bitfinex, the world’s leading Bitcoin exchange at the moment, was hacked. With a worth of $72 million the company lost 119,756 Bitcoins.
Although to this day the exact reason of how their system was breached is still unclear, it seems that the source of the vulnerability was related to the account’s structure. A structure that was supposed to prevent potential breaches through a multi-signature system.
Bitfinex was able to survive the attack and issued BFX tokens that the victims were able to redeem in a more common currency, USD.
Coincheck – 523 Million NEM Coins
In January of 2018, Coincheck hit a new record with the outstanding amount of $534 million.
It was even more than Mt. Gox hack. Although it is an impressive amount of money it is not considered the biggest crypto exchange hack because the total value of what was stolen in 2014 today has a value of more than $4 billion.
The hack was attributed to the fact that Coincheck did not follow the multi-signature security recommendations and stored their NEM in a single hot wallet! Despite this the company survived but NEM’s prices dropped sharply. In April of that same year, Coincheck was purchased by Monex Group, Inc for the amount of $34 million.
Following the incident the Coincheck said that they would repay the stolen money to all of their users from their own capital. The company is still around to this day, but the trade volume is not what it once was.
Parity Wallet – 513,700 ETH
In November 2017 the famous hack of the Ethereum network occurred, leaving more than $300 million totally unusable. The money was not stolen but it became basically unreachable after a user named Devops199 accidentally discovered this exploit while experimenting with a previous one.
513,000 ETH became unreachable after the exploit “killed” the wallet library and removed it from the blockchain. This means that the affected wallets didn’t have the logic to perform transactions anymore.
Moments later, Devops199 published “I accidentally killed it”. He didn’t even know what he was doing at the moment of the accident, but the name and those four words went down to history as the amateur who killed the $90M wallet from the Polkadot project.
Accidents like this one can lead you to ask yourself how a complete amateur disappears $300M from an exploit?
GateHub – The Wallet Breach
In June 2019 GateHub made public that a hack in which about 100 wallets were accessed by the attackers had occurred. It was announced that approximately $10M in XRP was stolen.
“A few days ago we learned that a criminal hacker had accessed several dozen native XRP Ledger wallets and stolen crypto assets from our customers.”
The curious thing here is that it seems the hackers gained access to the funds through the wallet’s API. But there seemed to be no flaws in the API.
Later on that year, in November 2019 another security breach was detected. It was reported that 1.4 million accounts were breached. The account information that was stolen includes passwords, email addresses, wallet hashes and two-factor authentication keys from users.
Although the wallet hashes were not accessed, this was a pretty concerning attack. The investigations showed that there was no action or omission from GateHub that led to vulnerabilities.
In July 19 final statement Gatehub said that in light of the amount of cyberattacks that crypto exchanges had suffered during that time, they were going to take additional steps to safeguard their accounts.
“As a precaution, we are generating new encryption keys and re-encrypting all sensitive information such as XRP ledger wallets secret keys on all accounts upon next sign-in. Behind the scenes, we are taking other precautions as well.”
As companies implement sturdier and more complex security measures become, hackers constantly strive to come up with new ways to perform an attack and take advantage of exploits. But, this does not mean that the crypto market is a risk that is not worth taking.
Although technology is far from perfect, there’s a ton of benefits that can be applied to the real world, not just the digital world. The crypto market is huge and revolutionary, but it’s history shows that you can never be too careful.