Data leak by insiders: How a crypto exchange became the target of bribery attacks

The Arrest of a Former Employee in India Reveals a Growing Security Risk in the Crypto Industry. What initially appeared to be a technical hack turned out to be a classic bribery scheme: cybercriminals paid employees cash to gain access to customer data. During an attack on a leading trading platform, sensitive information from customer service employees was stolen, who were working as external contractors.

Investigations by the Hyderabad police and cooperation with authorities in the USA led to the arrest of the suspected employee. The security chief of the affected platform confirmed the incidents and emphasized that such social engineering attacks represent a systemic problem. Instead of fighting through firewalls, the attackers targeted vulnerable individuals in outsourced operations and offered them financial incentives.

The Scope of the Security Breach

The intrusion began in May and allowed hackers nearly uncontrolled access to user accounts for months. The estimated damage amounts to around $400 million USD, making this one of the most severe security incidents in the crypto industry. An extortion gang initially demanded $20 million USD for the stolen data.

Security experts recorded a total loss of $2.2 billion USD in 2024 due to such attacks. This trend shows that criminals are increasingly relying on internal vulnerabilities rather than technical failure points. The choice of India as a target region illustrates that attackers are deliberately seeking more cost-effective outsourcing locations to maximize their chances of success.

Response and Damage Control

The company announced that the compromised access was immediately revoked after the data leaks were discovered. The CEO confirmed on platform X that the arrest is a sign of zero tolerance toward misconduct and that further enforcement actions would follow. At the same time, it was announced that charges had been filed against another suspect in Brooklyn, who is accused of running a long-term fraud scheme.

The financial burden from remediation and user compensation remains significant. Exchange investors reacted cautiously: stock prices fell, and trust in the security infrastructure was shaken. Nevertheless, the platform continues to position itself as a major market player, especially through its holdings in spot Bitcoin ETF tokens.

Broader Implications for the Industry

The case illustrates a critical shift in attack patterns. Not only technical vulnerabilities but also human factors are becoming the Achilles’ heel. The crypto industry is investing substantial resources in lobbying and political influence—$52 million USD flowed into election campaigns in 2024, highlighting the growing importance of regulatory frameworks.

For investors and users, the lesson is clear: security is not a one-time project but an ongoing process that must also include the review of employees and contractors worldwide. The increasing professionalization of social engineering attacks requires companies to reevaluate their security strategies beyond mere software solutions.