Binance, one of the largest cryptocurrency exchanges in the world, has confirmed that it lost nearly $ 41 million in Bitcoin, a theft that is rated as the largest hack to date.
In a statement, Binance CEO Changpeng Zhao said the company suffered a "large-scale security breach" on May 7, with hackers stealing about 7000 bitcoins, which at the current exchange rate stands at 40,6 millions of US dollars.
The news about the hack comes just hours after Zhao's Tweet that Binance has "to perform some unscheduled maintenance, which will affect deposits and withdrawals for a few hours".
According to the company, the attackers used various attack techniques, including phishing, to carry out the attack. They managed to hack a BTC hot wallet (a wallet connected to the Internet) which contained 2% of the total BTC held by the company and steal the Bitcoins in a single transaction.
More worryingly, the company acknowledged that hackers managed to get their hands on critical user information such as wrenches API, codes ID cardtwo-factor and potentially other information, which is required to log into a Binance account.
Zhao also warned that "hackers can still check some user accounts and use them to influence prices."
Fortunately, offline wallets, where the majority of Binance funds are held, remain safe. Also, personal wallets connected to the Internet were not directly affected.
Binance has been suspending all deposits and withdrawals on its platform for about a week, while thoroughly examining its security and investigating the incident.
Binance's CEO said that the company last year created an internal insurance mechanism, called the Secure Asset Fund for Users (SAFU), which will cover the full amount of the hack and will not affect users.