CEO Kris Marszalek of has confirmed that over 400 customer accounts were hacked and millions of dollars stolen.

In an interview with Bloomberg, the CEO confirmed there were unauthorized transactions on these accounts but assured users that his team had taken care of the situation and reimbursed everyone whose money was stolen from their accounts.

In the wake of the incident, the company has released a report detailing the findings of their post mortem. In this case, there were 483 accounts that were hacked. The unauthorized withdrawals totaled 4,836.26 ETH, 443.93 BTC, and about $66,200 in other currencies. At current exchange rates, that’s $15.3 million of ETH and $18.7 million of ETC for a total of $34.

According to the report, some transactions were being approved without two-factor authentication for a small number of accounts just a few days ago. The company’s risk monitoring systems caught this. Thus, withdrawals were halted by the cryptocurrency exchange on January 16th. Some users reported that even though they had two-factor authentication activated, their cash was taken.

“No customer funds were lost,” Marszalek tweeted on January 17. The company’s infrastructure went down for about 14 hours, but his team made sure their security was better because of what happened. A report has confirmed that has revoked all client 2FA tokens and imposed extra security measures, which prompted all account users to re-login. claims the action was taken because a new 2FA infrastructure was set up. As time goes on, it wants to move away from two-factor authentication and to true Multi-Factor Authentication (MFA).

AlSO READ:  Safeboda: Life After Kenya and Becoming a Fintech and Logistics Super-app

A new security measure from also requires users to wait 24 hours before withdrawing money to a new whitelisted address. Users who want more protection for their money will be able to sign up for the Worldwide Account Protection Program (W.A.P.P) on February 1.

If a third party gets into a user’s account, WAPP can return up to $250,000 of that user’s money. The program requires customers to employ multi-factor authentication for all transactions to avoid having their devices hacked. They must have set up an anti-phishing code at least 21 days before an unauthorized transaction took place, filed a police report and given a copy, and completed a questionnaire to help with their investigation.

Follow Techspace Africa on Facebook and Twitter. For the latest news, tech news, breaking news headlines, reviews and live updates check out

Shirleen is a tech writer with over 3 years of experience in the industry. She has a passion for writing about complex technical topics in a way that is easy to understand. She is also an expert in SEO. She is a highly skilled and experienced tech writer who is passionate about her work. She is also a great team player and is always willing to go the extra mile to get the job done.

    You may also like