Bangalore: CoinDCX, a leading crypto exchange company in India, has confirmed an internal security breach. This breach involved one of the company's operational accounts, from which approximately $44 million in cryptocurrency was allegedly transferred. However, the company has emphasized that user funds were not affected in any way, and all crypto assets are secure in cold wallets.
Suspicious Transaction Identified from Operational Account
Information about this security breach came to light when blockchain investigator ZachXBT and cybersecurity firm Cyvers reported suspicious activity involving a wallet associated with CoinDCX. It was reported that a large amount of funds from that wallet were transferred through platforms like Tornado Cash — which is used to conceal the identity of transactions.
It was also revealed that these transactions had started before CoinDCX publicly confirmed the breach. It is estimated that the funds were sent on the Ethereum blockchain.
CEO Sumit Gupta's Statement: “User Funds are Safe”
CoinDCX's Co-founder and CEO, Sumit Gupta, said in a post on microblogging site X (formerly Twitter):
“This breach is related to one of our operational accounts. We took immediate action by isolating the affected account and initiating an investigation in collaboration with domestic and international cybersecurity agencies. Most importantly — no customer funds have been impacted. All assets are completely secure in our cold wallet infrastructure.”
Gupta further stated that the company itself will cover the losses from its treasury fund. Additionally, all types of trading and INR transactions on the platform will continue as usual.
Emphasis on Transaction Tracing and Security Improvements
CoinDCX also stated that they are working with a partner exchange to trace these transactions in order to recover the crypto assets and prevent further fund movement.
In addition, the company has announced the launch of a Bug Bounty Program to strengthen security. The aim of this program is to encourage honest and ethical hackers to provide the company with information about any weaknesses in the system in a timely manner.
Gupta also said that the investigation process will be transparent, and customers will be provided with all necessary updates in real-time.
CoinDCX's Stance is Positive, but the Warning is Clear
Even though CoinDCX has shown speed and transparency in this entire matter, this incident is a major warning for the crypto industry. Generally, the focus remains on cold wallet security, but it has now become clear that operational and internal accounts are also not immune to the threat of hacking.
Experts believe that this incident will force crypto companies to rapidly adopt facilities like 24x7 transaction monitoring, third-party security audits, and AI-based alert systems.
CoinDCX's response, in which they acknowledged the loss, took immediate action, and guaranteed the security of customer funds — is certainly reassuring. Such a proactive approach can protect the brand value of any fintech or crypto company from damage.
