SINGAPORE: Singapore-based cryptocurrency exchange Crypto.com confirmed on Thursday (January 20th) that it had been hacked, with the accounts of 483 users affected.
In a blog post, the company said that on January 17 it learned that a “small number of users” had made unauthorized withdrawals from their accounts.
These unauthorized withdrawals totaled 4,836.26 Ethereum, 443.93 Bitcoin, and approximately $66,200 in other currencies.
This amounted to around US$31 million (S$41.7 million), according to Friday’s exchange rate.
The company had detected unauthorized activity on some accounts on Monday, with transactions being approved without two-factor authentication (2FA) provided by users.
“Crypto.com quickly suspended withdrawals of all tokens to initiate an investigation and worked around the clock to resolve the issue,” he said, adding that no customers had lost funds. .
Unauthorized withdrawals were prevented in the “majority of cases”, with customers being fully refunded in all other cases, the company said.
The affected accounts have been “fully restored”, he said.
Existing 2FA tokens have been revoked, while additional “security hardening” measures have been added, requiring all customers to log in and set up their 2FA tokens again, he added.
Withdrawals declined for about 14 hours, the company said.