SINGAPORE: Singapore-based cryptocurrency exchange Crypto.com confirmed on Thursday (Jan 20) that it had been hacked, with 483 users' accounts affected.
In a blog post, the company said it learned on January 17 that a "small number of users" had made unauthorized withdrawals from their accounts.
These unauthorized withdrawals totaled 4,836.26 Ethereum, 443.93 Bitcoin, and approximately $66,200 in other currencies.
This amounted to around US$31 million (S$41.7 million), based on Friday's exchange rate.
The company had detected unauthorized activity in some accounts on Monday, with transactions approved without two-factor authentication (2FA) provided by users.
"Crypto.com quickly suspended withdrawals of all tokens to launch an investigation and worked around the clock to address the issue," he said, adding that no customers experienced a loss of funds.
Unauthorized withdrawals were prevented in "most cases," and customers received a full refund in all other cases, the company said.
The affected accounts were "fully restored," it said.
Existing 2FA tokens were revoked, while additional "security hardening" measures were added that required all customers to log in and set up their 2FA tokens again, it added.
Withdrawals were down for about 14 hours, the company said.
