Binance, which is actually the world’s largest cryptocurrency exchange in terms of volume, has been hacked. The company announced that the breach was detected on May 7th and in addition to stealing bitcoins hackers also gained access to a large number of user API keys, 2FA codes, and “potentially other info”.
Binance reported that hackers withdrew just over 7000 bitcoin (around $41 million) in a single transaction. This affected their hot wallet, which contained about 2 percent of their total bitcoin holdings. “All of our other wallets are secure and unharmed,” said CEO Changpeng Zhao.
“The hackers had the patience to wait and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,” Zhao wrote. “The transaction is structured in a way that passed our existing security checks. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”
Zhao warned that as the attackers were able to steal some user information, they “may still control certain user accounts and may use those to influence prices.”
Those worried that their money was taken should be pleased to hear that the stolen bitcoins are covered by Binance’s Secure Asset Fund for Users, an emergency insurance fund set aside for such incidents. It’s still not known how many users were affected by the breach.