Internal Account Breached in Major Cyber Attack: User Funds Remain Safe
CoinDCX, one of India’s largest cryptocurrency exchanges, has confirmed a major hacking incident resulting in a loss of $44 million (₹368 crore). The attack took place early on Saturday and targeted one of the platform’s internal operational accounts.
Importantly, the Mumbai-based firm assured users that their personal crypto assets and INR balances are completely safe.
No Customer Funds Involved, Says CoinDCX
In its official statement, CoinDCX clarified that the breached account was solely used for liquidity management on a partner exchange. It did not store any user assets or hold customer funds.
Co-founder Sumit Gupta shared on social media that the breach was the result of a “sophisticated server attack.” He confirmed that the loss will be entirely covered by CoinDCX’s own treasury reserves, which remain in strong health.
Web3 Platform Paused, Resumed After Investigation Begins
Shortly after detecting the breach, CoinDCX temporarily suspended operations on its Web3 trading platform. This was done as a precautionary measure to contain any potential threat.
The Web3 platform is now live again. Trading and INR withdrawals on CoinDCX’s primary exchange platform were never affected and continue to function normally.
CEO Urges Users Not to Panic Sell
Sumit Gupta advised users to remain calm and avoid panic selling.
“Don’t panic, sell your assets. Let the markets settle. Stay calm, stay confident,” he posted on X.
He stressed that rash decisions during volatile times can lead to poor trade outcomes and unnecessary losses.
Security Team Investigating with Global Cyber Experts
CoinDCX has launched a full investigation into the breach. Its internal security team is working with global cybersecurity partners to trace the stolen funds and fix any vulnerabilities.
To further enhance system security, CoinDCX also plans to launch a bug bounty programme. The initiative will reward ethical hackers who report flaws in the system, promoting better protection against future attacks.
Larger Context: Crypto Security Under Watch in India
This breach comes at a time when crypto security is under intense focus in India. The Indian government is expected to soon release its first crypto policy paper, potentially introducing tighter regulations and clearer guidelines for exchanges.
CoinDCX is not the first Indian exchange to face such an incident. In 2024, WazirX reportedly lost over $230 million in a similar breach due to compromised private keys.
CoinDCX Promises Transparency and Stronger Defenses
The company has committed to sharing verified updates once its investigation concludes. It reiterated its focus on building a safe, transparent, and trusted crypto ecosystem in India.
Sumit Gupta summed up the incident by saying,
“This is more than just an internal matter. It’s a reminder of the evolving threats facing crypto platforms globally.”
WazirX Faced Similar Breach in 2024
This is not the first major crypto breach involving an Indian exchange. In 2024, WazirX reportedly lost over $230 million worth of crypto. That hack was linked to compromised private keys, a critical vulnerability that allowed attackers to siphon off large volumes of funds.
These back-to-back incidents reflect the growing cybersecurity challenges in India’s crypto space — even among the most established platforms.
