Binance, one of the biggest Companies of the world's cryptocurrency exchange, has confirmed that it lost nearly $41 million in Bitcoins, a theft that ranks as the biggest hack to date.
In a statement, Binance CEO Changpeng Zhao said the company on May 7 suffered a "breach security large-scale", resulting in the hackers to steal about 7000 bitcoins, which at today's exchange rate amounts to 40,6 million US dollars.
The news about the hack comes just hours after Zhao's Tweet that Binance has to run some programeyeto maintenance, which will affect deposits and withdrawals for a few hours".
According to the company, the attackers used various attack techniques, including phishing, to carry out the attack. They managed to break into a hot wallet with BTC (an internet-connected wallet) containing 2% of the total BTC held by the company and steal Bitcoins in a single transaction.
Most worryingly, the company has acknowledged that hackers have been able to obtain critical user information, such as API keys, two-factor IDs, and potentially other information required to sign in to a Binance account.
Zhao also warned that "hackers can still check some user accounts and use them to influence prices."
Fortunately, offline wallets, where the majority of Binance funds are held, remain safe. Personal wallets connected to the Internet were also not directly affected.
Binance has been suspending all deposits and withdrawals on its platform for about a week, while thoroughly examining its security and investigating the incident.
The CEO of Binance said that the company last year created an internal insurance mechanism, called Secure Asset Fund for Users (SAFU), which will cover the entire amount of the hack and will not affect users.