Binance, one of the largest cryptocurrency exchanges in the world, has confirmed that it lost nearly $ 41 million in Bitcoin, a theft that is rated as the largest hack to date.
In a statement, Binance CEO Changpeng Zhao said the company suffered a "large-scale security breach" on May 7, with hackers stealing about 7000 bitcoins, which at the current exchange rate stands at 40,6 millions of US dollars.
The news about the hack comes just hours after Zhao's Tweet that Binance has "to perform some unscheduled maintenance, which will affect deposits and withdrawals for a few hours".
According to the company, the attackers used various attack techniques, including phishing, to carry out the attack. They managed to break into a hot wallet with BTC (an internet-connected wallet) containing 2% of the total BTC held by the company and steal Bitcoins in a single transaction.
Most worryingly, the company has acknowledged that hackers have been able to obtain critical user information, such as API keys, two-factor IDs, and potentially other information required to sign in to a Binance account.
Zhao also warned that "hackers can still check some user accounts and use them to influence prices."
Fortunately, offline wallets, where the majority of Binance funds are held, remain safe. Also, personal wallets connected to the Internet were not directly affected.
Binance has been suspending all deposits and withdrawals on its platform for about a week, while thoroughly examining its security and investigating the incident.
The CEO of Binance said that the company last year created an internal insurance mechanism, called Secure Asset Fund for Users (SAFU), which will cover the entire amount of the hack and will not affect users.