UK-based Crypto Exchange, EXMO Reportedly Loses $10.5M to Security Breach

EXMO, one of the oldest UK-based cryptocurrency exchanges reported Monday that it suffered a security breach. Bitcoin, Ethereum and other assets amounting to 5% of the company's crypto holdings were transferred from their hot wallet in the process.

EXMO said it noticed some large withdrawals from its hot wallets on December 21st and halted customer withdrawals on the platform to prevent the situation from escalating. 

The company has reported the incident to the London police and said it would work with the agency’s cybersecurity team in a possible recovery process. EXMO provided the addresses where the hackers withdrew the funds and further urged crypto exchanges and service providers to help block any users associated with the addresses. 

However, EXMO is yet to provide an estimated amount of the funds stolen. The exchange only wrote in its update:

We are still investigating the incident, but as of now, the security audit report showed that some amounts of BTC, XRP, ZEC, USDT, ETC and ETH in EXMO’s hot wallets were transferred out of the exchange.

TheBlock reports that the estimated amount is $10.5 million while Poloniex has returned an unknown sum to Exmo after trapping it on their platform. 

What Happens to EXMO Users After the Hack?

Deposits and withdrawals from the platform are still temporarily paused. EXMO assured that all funds held in its cold wallets are safe. Also, the exchange will completely cover any user funds affected by the incident.

EXMO was one of the cryptocurrency exchanges recently approved by the U.K Financial Conduct Authority (FCA) to operate under a temporary registration regime. As Bitcourier reported, the regime was introduced to allow the regulator to effectively deal with a backlog of crypto companies seeking an operating license in the U.K.

But only time will tell whether the recent security breach will affect EXMO’s chances of acquiring a full FCA license. EXMO vowed to “conduct a thorough security review that will include all parts of [its] systems and data,” to prevent a similar occurrence in the future.