Cyber Incident Victim: 2gether
Date: Jul 2020
Location: Spain
Summary
A cyberattack on a cryptocurrency trading platform compromised investment accounts: the attackers stole approximately €1.2 million (26.79% of total funds) and exposed user passwords, though Euro accounts and payment card details remained secure. Unable to secure external funding, the company offered affected users compensation in native tokens equivalent to the stolen amount at a preset issuance price. The platform is investigating the breach and working to restore services with enhanced security measures.
Description
On July 31, 2020, at approximately 6:00 pm CEST, the cryptocurrency trading platform 2gether suffered a cyberattack targeting its servers. The attackers compromised investment accounts, stealing €1.183 million worth of cryptocurrency, representing 26.79% of the platform’s total funds. According to CEO Ramón Ferraz Estrada’s Twitter communications, general wallets and Euro-denominated accounts remained unaffected, as did payment card details used for deposits. However, user passwords were exposed during the breach, prompting the company to advise customers to change their credentials immediately. 2gether did not disclose the specific attack vector or methods used by the threat actors, stating only that an investigation was underway to determine how unauthorized access was achieved. The company also began gathering information to share with local authorities regarding the incident.

In response to the theft, 2gether’s leadership—including Ferraz, Chairman Salvador Casquero, and Director Luis Estrada—announced on August 1 that the platform lacked sufficient reserves to reimburse users fully. They described the breach as an "extremely difficult situation" caused by "soulless individuals" and revealed unsuccessful emergency negotiations with an unnamed investment firm to secure additional capital. As an alternative, the company offered affected users compensation in the form of its unreleased native 2GT token, valued at €0.05 per token, equivalent to the stolen cryptocurrency amounts. The executives pledged to continue seeking external funding to restore users’ original assets but provided no timeline for such recovery. Meanwhile, technical teams focused on restoring platform functionality with enhanced security measures, aiming to reopen access to the trading app as soon as possible. The incident left user investments partially unrecovered and underscored operational vulnerabilities in the platform’s infrastructure.
