Binance suffered what it’s calling a “large scale security breach” yesterday evening. The hackers were able to transfer 7,000 Bitcoin (over $40 million at the time of writing) in one transaction from the company’s hot wallet.
In an announcement last night, Binance‘s CEO Changpeng Zhao said that hackers were able to obtain user API keys, two-factor authentication (2FA), and potentially other info – it has not disclosed what, though. At this point, Binance also doesn’t know how many accounts have been affected.
Binance claims the attackers used a range of techniques including phishing and malware to carry out the hack. The attack managed to circumvent Binance‘s security checks, but after noticing the strange activity, the exchange blocked all withdrawals.
Withdrawals will continue to be blocked for the next seven days while Binance carries out a security check.
The announcement also says that Binance will use its SAFU (Secure Asset Fund for Users) emergency insurance fund, to reimburse accounts affected by this breach.