Cyber Incident Victim: CoinEX.pw
Date:
Mar 2014
Location:
United States of America
Summary
A digital currency exchange suffered a security breach resulting in the theft of all held bitcoins, with the company pledging to cover customer losses using its own funds. The spokesperson acknowledged prior similar incidents where losses were also internally compensated and announced plans to sell additional shares while hiring a professional security audit team to prevent future breaches. Communication delays and the deletion of the co-founder's social media profiles raised concerns among users, though some forum responses expressed gratitude for the transparency while others criticized repeated security failures and operational mismanagement.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
CoinEX.pw, a digital currency exchange, publicly confirmed a security breach on March 19, 2014, through a Bitcoin Talk forum post by company representative Vitaly A. Sorokin (username "erundook"). The hack resulted in the complete theft of all bitcoins held by the exchange at the time. While the exact quantity of stolen cryptocurrency remained undisclosed, the company committed to covering customer losses using its own funds, referencing similar compensation practices during prior security incidents. Sorokin outlined a two-part recovery strategy involving the sale of additional shares through Cryptostocks to finance reimbursement efforts and the engagement of a professional security audit team to prevent future breaches. The announcement followed three days of limited communication after CoinEX.pw's initial March 16 Twitter post acknowledging an unspecified "security issue" under investigation, which triggered customer concerns about operational transparency.
The delayed disclosure exacerbated user anxieties, particularly after observers noted erundook had deleted his personal Twitter account and GitHub Gist page containing the exchange's API documentation prior to the official announcement. Sorokin attributed these deletions to fear of user backlash, though forum responses displayed mixed reactions—some users expressed gratitude for the reimbursement pledge while others criticized operational mismanagement. Critical feedback highlighted the exchange's repeated security failures and inadequate risk mitigation strategies, with one Bitcoin Talk member comparing the situation to operating a physical valuables business without insurance after multiple robberies. Operational impacts included temporary suspension of services during the investigation, though the exchange maintained its commitment to resume operations after implementing enhanced security measures. Customer trust erosion became evident through public forum discussions questioning the sustainability of the business model given recurring security lapses.