The exchange says it will implement a new account protection program going forward. 

Key Takeaways has confirmed that it lost $34.4 million to hackers Monday.
However, the exchange has not explained how attackers were able to access its users’ accounts and bypass two-factor authentication.
In response, has introduced additional security for withdrawals, and launched a new Worldwide Account Protection Program.

Share this article has confirmed it was hacked for $34 million Monday but is yet to explain how an attacker was able to bypass accounts’ two-factor authentication to steal the funds. Confirms Hack was hacked but hasn’t revealed how it happened. 

The leading crypto exchange has addressed reports that it was hacked in a Thursday blog post, confirming that an attacker drained 4,836.26 ETH,443.93 BTC, and approximately $66,200 of other currencies from its users’ accounts. The stolen funds total approximately $34.4 million at press time. 

The blog post explained that on Monday, Jan. 17, at approximately 00:46 UTC, the exchange’s risk monitoring systems detected unauthorized activity on a small number of user accounts. 

According to the announcement, an attacker found a way to approve transactions without the two-factor authentication control being inputted by account holders. This resulted in 483 users losing funds from their accounts. The exchange reaffirmed comments made by the firm’s CEO, Kris Marszalek, that any accounts found to be impacted were fully restored, resulting in no loss of funds for users. 

While has confirmed the reports of a hack from several analysts and blockchain security firms, the exchange did not explain how the hacker gained access to users’ accounts and bypassed their two-factor authentication. 

In response to the incident, has added an additional layer of security to withdrawals. Users will now need to wait 24 hours after registering a new withdrawal address before transferring funds to it. “Users will receive notifications that withdrawal addresses have been added to give them adequate time to react and respond,” the blog post reads. The exchange also says it has engaged with third-party security firms to perform additional security checks.

In the same post, also announced the introduction of its new Worldwide Account Protection Program. The program promises to restore funds up to $250,000 for qualified users in the event of fraud or theft. To qualify, users must meet a series of criteria, such as having two-factor authentication enabled on all transactions and filing a report with local police. 

The undisclosed security breach that led to the hack comes less than three months after the exchange completed a Service Organization Control 2 Audit. The audit was conducted by consulting firm Deloitte and affirmed that’s information security practices, policies, procedures, and operations meet sufficient SOC2 standards. 

Disclosure: At the time of writing this feature, the author owned ETH and several other cryptocurrencies. 

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Recommended News

Read More