Cryptocurrency exchange service Cryptopia was pulled offline recently. It is thanks to a security breach. Now, millions are feared stolen.
We’ve covered a lot about various leaks and breaches. Our conclusion for months now is that a security incident can happen to pretty much anyone. A lot of the security incidences we’ve been covering lately have been happening to traditional corporations as well as Brick and Mortar operations. Some might see the coverage and think that these incidences happen only to those who aren’t really natively born in the Internet realm. The truth is, anyone can be impacted and we are learning of another example of this.
Cryptopia, a New Zealand based cryptocurrency service, has been recently shut down unexpectedly. The site has been pulled offline and put into unscheduled maintenance mode. Staff at the time say that they are assessing the damage of a potential security incident. From ZDNet:
Cryptopia has pulled its website and services offline, citing a “security breach” resulting in “significant losses.”
At the time of writing, the cryptocurrency exchange, based in New Zealand, is offline and a message posted to the home page says the domain is in “unscheduled maintenance mode.”
Cryptopia said on Twitter that a security incident took place on Monday. Once this was detected by staff, services were pulled to “assess damages.”
Trading is suspended until further notice.
“We are committed to getting this resolved as quickly as possible and will keep you all updated every step of the way,” Cryptopia added.
As time went on, more details emerged. More recent reports say that police are involved after an estimated $2.5 million to $3.5 million may have been stolen during what is now being reported as a hack. From CCN:
Police authorities investigating this week’s $2.5 million hack of New Zealand-based Cryptopia have admitted the case is a “complex” matter. While the exchange is duly coordinating with authorities to net the accused and the proceedings remain at early stages, all possibilities – including Cryptopia’s role in the attack – are being considered.
An official release on January 16 has confirmed investigations are ongoing at Cryptopia’s headquarters in Christchurch. Authorities acknowledge the company’s full coordination in the matter, putting to rest any rumors of an internal hack or “exit scam.” A large investigative team is said to be deployed at the exchange’s offices, including members from the Canterbury CIB and New Zealand’s dedicated cyber crime task force, the High Tech Crime Unit.
The small-scale cryptocurrency exchange, which handled just over $2 million in daily transactional volume before the incident, has lost between $2.5 million to $3.5 million worth of Ether (ETH) and Centrality (CENNZ) tokens according to estimates. An official figure is yet to be released, with police stating it’s a “significant amount.”
The existing figures come from a tweet by blockchain security firm Hacken, which observed a 19,870 ETH transfer from Cryptopia wallets when the exchange was in a “maintenance” period.
While some may point to this incident and conclude that this is just the latest example of the risks of being associated with any cryptocurrency, the truth is, it’s an example of a much broader problem that goes well beyond the world of cryptocurrency.
This month alone, we’ve seen the 12306 train platform hack, the Town of Salem game hack, the German political hack, the Amazon data leak, and the OXO International hack.
With so much money at stake with this latest hack, it’s clear that an exchange can be an attractive target for hackers given the potential financial rewards. Private information, at the same time, also makes services an attractive target given that such data can be bought and sold afterwards by dealers and identity thieves.
If anything, this shows that, once again, anyone can be a victim of a security incident. Whether you are an ordinary citizen, a political figure, a celebrity, a journalist, or someone who trades cryptocurrency, anyone can become a victim at any point.
Drew Wilson on Twitter: @icecube85 and Google+.
