
Cyber Incident Victim: Voyager

Date: Dec 2020

Location: United States of America

Summary

A cryptocurrency brokerage platform experienced a cyberattack targeting its DNS configuration, prompting an immediate halt to trading and cancellation of all limit orders. The incident led to a temporary platform shutdown initially described as maintenance, with users subsequently logged out as a precaution and advised to reset passwords and enable two-factor authentication. While described as a "DNS threat," the attack was reportedly contained without compromising customer assets or cryptocurrency holdings, though operational disruptions occurred during the response. Trading functionality was restored after security measures were implemented, with the company emphasizing no successful fund exfiltration occurred during the intrusion.


Description

On December 28, 2020, Voyager Digital LLC, a cryptocurrency brokerage platform managing $200 million in assets, abruptly halted trading and canceled all limit orders following a cyberattack targeting its DNS configuration. The company initially described the disruption as routine maintenance before disclosing the security incident. Voyager CEO Steve Ehrlich confirmed the platform was taken offline immediately after detecting the attempted intrusion to protect customer assets and information, emphasizing that no funds or cryptocurrency were compromised despite the operational shutdown. The attack occurred during a period of significant growth for the broker, which had reported a 40-fold increase in business over the preceding 12 months. Trading remained suspended for an unspecified duration while the company addressed the DNS-related threat, though technical specifics about the attack vector or perpetrators were not disclosed. Voyager maintained that the intrusion attempt was unsuccessful due to their rapid response, though the incident forced a complete suspension of core platform functionality.

Voyager restored service to its mobile application following the containment measures, requiring all users to log back into their accounts as a security precaution. The company advised customers to reset their passwords and implement two-factor authentication (2FA), though no evidence of credential compromise was stated. Trading activities resumed after the temporary shutdown, with Voyager reiterating that customer assets remained secure throughout the incident. No data breaches or financial losses were attributed to the attack, according to official statements. The organization did not provide additional details about the DNS threat's nature, scope, or mitigation steps beyond confirming the infrastructure intervention. Media inquiries from outlets including BleepingComputer regarding attack specifics received no response from Voyager following the initial disclosure.
