Crypto.com CEO says 500 user accounts, $35 million taken in security breach
Following a hack of its hot Ether earlier this week, Crypto.com CEO Kris Marszalek confirmed that around 500 accounts were compromised and nearly $35 million stolen as a result.
Marszalek said in an online interview with Bloomberg TV that the Singapore-based crypto exchange experienced a security breach. However, he did not reveal how the hack occurred and the exact method the hackers used remain unclear.
Crypto.com CEO said the exchange “very quickly stopped” unauthorized withdrawals and restored its funding services within 14 hours.
Crypto.com, which boasts Hollywood superstar Matt Damon as the face of the exchange, has yet to receive any communication from regulators following the breach. But Marszalek said they are prepared to share information on the theft if regulators do inquire.
Crypto.com, the five-year-old cryptocurrency exchange, put out an official statement on twitter sharing that all affected customers were fully reimbursed.
“Following the 17th of Jan security incident, we are sharing our findings, together with enhancements we’ve made to our security infrastructure and the introduction of the Worldwide Account Protection Program,” it said.
According to its findings, a small number of Crypto.com users had unauthorized crypto withdrawals on their accounts. The platform promptly shut down withdrawals for all tokens to ensure the safety of user funds. Then, it initiated an investigation to address the issue, and in “the majority of cases” Crypto.com prevented the unauthorized withdrawal, while “all other customers were fully reimbursed.”
Crypto.com also confirmed that the incident affected 483 users. Additionally, the losses resulting from the hack totalled 4,836.26 ETH, 443.93 BTC and $66,200 in other currencies.
On Monday morning, Crypto.com announced via Twitter some users reported that their funds were missing, even those with two-factor authorization enabled. In response, the company paused withdrawals and launched an investigation, which at the time claimed that “all funds are safe.”
There were conflicting reports around what actually happened. A blockchain security firm estimated at least $15 million of Ethereum (ETH) was stolen. Ben Baller, a crypto influencer and podcast host, also tweeted that around 4.28 Ether (roughly $15,000) had been “stolen out of nowhere” from his account. He said that he used two-factor authentication, which means the potential hacker breached the exchange’s security measures. Baller later claimed that approximately 5,000 Ether, which equates to more than $16 million, were lost form a wallet belonging to Crypto.com.