Cyber Incident Victim: CoinBene
Date:
Mar 2019
Location:
Singapore
Summary
CoinBene, a cryptocurrency exchange, recently disclosed a security breach resulting in significant financial losses estimated by industry observers at over $45 million. The incident prompted the platform to enter maintenance mode for investigation and infrastructure improvements. Unauthorized fund transfers occurred, though exact details of the attack vector remain unspecified. Authorities from multiple jurisdictions assisted in the investigation, highlighting the cross-border nature of the incident. The breach underscored vulnerabilities in digital asset platforms, leading to operational disruptions and loss of user funds without official confirmation of the total impact from the exchange itself.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around March 24, 2019, cryptocurrency exchange CoinBene suffered a security breach resulting in unauthorized fund transfers. The Singapore-based platform entered maintenance mode following the incident to investigate the compromise and implement infrastructure improvements. While CoinBene did not disclose technical details of the attack vector or exact theft mechanisms, industry observers estimated losses exceeding $45 million based on blockchain analysis. The exchange did not publicly confirm this figure or provide an official statement regarding the scope of financial impact. Concurrently with CoinBene's incident, cryptocurrency platform DragonEx also reported a hack occurring on the same date, though the two events were not explicitly linked in available reporting.
CoinBene's operational response involved suspending services to contain further unauthorized access, mirroring DragonEx's maintenance mode activation. Authorities from Estonia, Thailand, Singapore, and Hong Kong collaborated in investigating the breach, indicating potential cross-jurisdictional fund movements or attacker infrastructure. No details emerged regarding specific cryptocurrencies affected, forensic findings about attacker methodologies, or timelines for service restoration. The exchange maintained silence regarding recovery efforts and did not respond to media inquiries from outlets including ZDNet. Financial consequences remained unverified by the platform, with third-party estimates constituting the primary available loss assessment.