Hotbit, a crypto exchange based in Shanghai, recently disclosed details of a cyberattack that compromised its user database. In response to the attack, the platform has issued a notice that it will temporarily shut down for maintenance.
“Hotbit just suffered a serious cyber-attack starting around 08:00 PM UTC, April 29, 2021, which led to the paralyzation of a number of some basic services,” the crypto exchange’s team stated.
According to Hotbit, the hack was unsuccessful in gaining access to the user wallets. However, the platform’s user database was compromised, and all data pertinent to its users are now in the hands of the threat actor. This includes a user’s registration phone number, email address, and asset data. The attacker has deleted the user database after failing to obtain assets, according to Hotbit.
In a tweet responding to queries, the crypto exchange said that all “data is routinely backed up” and that they are still uncertain whether the attacker has polluted data before the attack, hence the shutdown in response.
Hotbit Chief Security Officer Alex Zhou has reassured users that individual user funds remain unaffected. “The attacker tried to break into the wallet server to steal funds but the action was identified and blocked successfully by Hotbit risk control system. All users’ funds are safe,” Zhou stated in the exchange’s Telegram community.
In its note, the crypto exchange’s team detailed that it will be completely rebuilding all of its 200+ servers to ensure security for its over two million registered users. This will involve a “comprehensive inspection of overall data” to the degree that if any anomaly is detected by the Hotbit team, it will perform an accurate reconstruction of all user data.
The ongoing maintenance would mean that all open trading orders are cancelled for the meantime to prevent any losses. The exchange also promised to admit full responsibility over any losses from exchange-traded funds that are listed on its platform as the maintenance takes place. Daily routine income distributions on the platform are to be paid out after the maintenance is completed.
Hotbit estimates the recovery period to be no less than a week, with up to two weeks given as the maximum, given its pending system upgrade coinciding with the investigation. In the aftermath of this attack, the Hotbit team has advised its users to contact them through official channels to verify the identity of anyone claiming the name of Hotbit before issuing a response.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.