The cryptocurrency exchange Bitfinex came under a ‘minor security incident’ after the compromise of a support staff member’s device.
According to the press release, an unknown party gained access to ‘partial, incomplete and outdated information’ about users.
“None of Bitfinex’s systems were hacked, and there were no losses of client funds. Access to the server, wallet or database infrastructure was not achieved. Law enforcement authorities have been notified [of the incident],” the statement said.
The company added that most accounts ‘were empty or inactive’. Nevertheless, platform staff continue to investigate the situation and are contacting affected clients.
In August 2016, Bitfinex suffered a major hack and temporarily suspended operations. The exchange then lost nearly 120,000 BTC ($71.8 million at the time, more than $4.18 billion at current prices).
In May 2020, unknown parties sent 30.667192 BTC from the stolen funds to anonymous addresses. Later moved 4571 BTC and 473.3183 BTC.
In August 2020, Bitfinex announced a $400 million reward for assistance in recovering the stolen funds. In October the attackers moved bitcoins totaling more than $30 million, and in December — in total 7045.48 BTC.
On February 1, 2022, 94,643 BTC moved. In the same month, U.S. authorities arrested 34-year-old Ilya Lichtenstein and 31-year-old Heather Morgan on charges of laundering 119,754 BTC stolen from Bitfinex.
U.S. Department of Justice officials also said it was the largest seizure of digital assets in the department’s history — 94,636 BTC ($3.6 billion at the time).
Morgan was released on bail of $3 million. The court found there was no substantial evidence against her beyond the assertion that she, ‘allegedly, received assets related to the case’.
Back in May 2023, journalists found that Bitfinex could not implement ‘operational, financial and technological controls’. This made the breach possible.