How do cryptocurrency exchanges get hacked? And how can you protect yourself? Read on to find out.
What are cryptocurrency exchanges?
Most of us don’t think about it, but cryptocurrency exchanges are a pretty big deal. In fact, as crypto becomes more ubiquitous, you can expect them to play an even larger role in your financial life. But what exactly are crypto exchanges? You’ve probably already guessed that they are companies that exchange one form of cryptocurrency for another. They also provide other services like storing coins and managing wallets. The real question is: how do these sites get hacked? And what happens if your crypto exchange gets hacked? To answer those questions, we need to understand how these sites work.
As crypto exchanges evolve and we start thinking about them as financial institutions, it’s easy to lose sight of what they actually are. At their most basic level, cryptocurrency exchanges are digital marketplaces. You trade one currency for another and make a purchase when you have sold your own currency. The exchange charges fees for making these trades in order to fund its operations, just like any other marketplace. What happens if your crypto exchange gets hacked? Let’s take a look at what actually goes on at an exchange and how that determines whether you can recoup lost funds or not.
What happens if your crypto exchange gets hacked? With more exchanges popping up all over, it’s important to understand what might happen if you fall victim to a hack. As you might imagine, different exchanges work in slightly different ways. But one thing is certain: when an exchange gets hacked, it creates a variety of problems for its users. Your cryptocurrency will almost certainly be safe, but there are a lot of factors that influence how much your losses could be and whether or not you can get your money back from someone else.
How Do Cryptocurrency Exchanges Get Hacked?
It’s happened again: another cryptocurrency exchange has been hacked. And no, it’s not just a tiny, obscure startup. This time, South Korea-based Coinrail was compromised and more than $40 million in tokens were stolen. In 2017 alone, there have been nearly $1 billion in losses due to crypto exchange hacks. So what happens if your exchange gets hacked? And how can you protect yourself? Let’s take a look at what happened on Sunday and what users need to know going forward.
The cryptocurrency world has been struggling with hacks for years, with millions of dollars worth of coins stolen from exchanges and startups. In fact, nearly $1 billion in losses have been reported just in 2017, according to Cointelegraph. So what does that mean for users? What happens if your exchange gets hacked? To find out more about Coinrail’s hack and how users can protect themselves, keep reading!
So what happens if your exchange gets hacked? And how can you protect yourself? Let’s take a look at what happened on Sunday and what users need to know going forward.
First off, here’s what happened: Sunday morning (KST), Coinrail announced that it had been hacked over the weekend. The company said that approximately 30% of its coins (mostly NPXS tokens) were stolen, along with about $19 million worth of another cryptocurrency called Aston X. Coinrail didn’t specify how much was taken in total, but according to CoinMarketCap, Coinrail had been trading more than $2.6 million in tokens as of May 28th – most of which appear to have been affected by the hack.
What Can I Do To Protect Myself From Being the Next Victim?
Getting hacked is one of crypto investors’ biggest fears. After all, crypto is virtual and your accounts are prone to be breached. The good news is that there are a few things you can do to protect yourself from being hacked, even if it happens to you. Here’s what happened in a few prominent hacks—and how you can protect yourself moving forward.
The most notable crypto exchange hack of recent years is that of Mt. Gox, which made headlines in 2014 when it declared bankruptcy after announcing a loss of over 850,000 bitcoin—valued at $450 million at that time. The cause? According to their statements on Mt. Gox’s website, it was an issue with a software flaw in their system which allowed attackers to gain access and make off with millions of dollars worth of customers’ money. What makes Mt. Gox particularly interesting from a data breach perspective is just how badly they handled it: They neglected customer complaints for months and neglected to release information about what happened until more than three years after it occurred!
Leaders of China’s Hangzhou Xunlei Internet Technology Co., Ltd.
The second most notable hack is one that affected customers of Gatecoin. The company announced in August 2016 that it had been hacked and that around 250 bitcoins—valued at $2 million USD at that time—had been stolen from them. What makes Gatecoin’s hack particularly worrisome is just how little they seem to have done to protect themselves: Their announcement claimed they had implemented enhanced security measures but didn’t elaborate on what those were or whether they were sufficient.
Are All Cryptocurrency Exchange Users Affected Equally by a Hack?
There are two different types of cryptocurrency exchanges: centralized and decentralized. In a centralized exchange, which is what most people use, one company manages all aspects of user accounts: transfers in and out, storage of funds, trades, etc. They hold everything themselves. And because that’s where users store their coins and trade them for other cryptocurrencies or fiat currencies (like USD), when a hacker breaks into that system there is potential for significant loss. But that’s not always how it works. Some exchanges are decentralized—they allow anyone to trade with each other peer-to-peer without much intervention from an administrator—which doesn’t present as many security risks as a centralized exchange but can also make it difficult for users who want more hand-holding through their transactions.
One way to reduce your risk of getting hacked is by having a variety of different security tools in place. For example, you can use a password manager like LastPass or 1Password (which integrates with your web browser) that encrypts all your passwords and gives you unique, strong ones for each website. That way if one site gets hacked and exposed, hackers won’t be able to figure out how to access your accounts elsewhere. It may seem like an inconvenience now—and it definitely will at first—but once you get used to it, there’s no going back.
You should also use two-factor authentication (2FA), which adds a second layer of security to your login by requiring you to enter a unique number that’s been texted or emailed to you in addition to your password. Most exchanges have some form of 2FA on their platform, but since each provider is different, it’s important to check and make sure you’re familiar with how it works before jumping in. This is an area where LastPass can be especially useful; if 2FA is available from your exchange, we can automatically fill it in for you when logging in or completing trades.
Cryptocurrency exchanges are susceptible to hacks and security breaches just like any other digital asset exchange. It’s important for investors to follow safe practices when trading crypto, especially those with large holdings that could potentially be affected by an exchange breach. Keeping coins off exchange in cold storage and practising secure methods of depositing, withdrawing, and trading coins can help you protect your holdings from hackers. In 2018 alone, several major exchanges reported being hacked—Binance in March; Bitgrail in February; Youbit in December; Coincheck in January—and while it’s rare for hackers to infiltrate large exchanges today, it’s important for crypto investors to be aware of what happens if they do.
If your exchange is hacked, it’s likely you’ll lose some or all of your coins. The good news is that in most cases, lost or stolen funds can be recovered by contacting customer support. As long as you have your account recovery phrase or private key—both of which are necessary for accessing your account—you can request a reset that transfers control of your account back to you. You may still need to submit KYC documents and provide information about how and when you lost access to your funds, but once they’re verified, they should be returned. It might not be easy, but exchanges work hard to reimburse users when possible after a hack occurs.
It’s better to be safe than sorry when it comes to protecting your crypto. Always keep a backup of your recovery phrase or private key and store them in a safe place offline (not on a cloud server). Don’t share your recovery phrase or private key with anyone, including customer support. Secure all exchanges by enabling two-factor authentication and choosing unique, complex passwords for each exchange account you have. Use a hardware wallet such as Ledger or Trezor, which is stored offline, rather than an online wallet like Coinbase. Keep tabs on any cryptocurrency exchange announcements and warnings—the more you know about how hacks happen and how they can be prevented, the safer you can feel while trading coins in 2018 and beyond.