Following a security breach that took place on Sunday, Floating Point Group – a crypto broker with $50 billion in assets under management whose primary clients are institutional investors – said it lost somewhere between $15-20 million and counting.
Investigation Underway
Clients were recently notified of the breach via email, saying all operations on the platform were temporarily suspended until the investigation is concluded in a satisfactory manner “out of an abundance of caution.” According to a spokesperson for the company, updates on the situation will be few and far between, as the FBI and DHS are both allegedly involved.
“We are working with the FBI, the Department of Homeland Security, our regulators, and Chainalysis to understand how this occurred and to recover assets. As this is an ongoing investigation with law enforcement, we cannot share specifics at this time.”
For now, deposits, withdrawals, and trading are locked, with no estimated restart date.
2/5 Our account segregation limited the overall impact of the attack. We have ceased trading, deposits, and withdrawals, out of an abundance of caution. Finally, we have notified law enforcement and are actively cooperating with them on this matter.
— Floating Point Group (@fpgcrypto) June 14, 2023
FPG then took to Twitter to notify the crypto community at large of the breach, albeit with locked replies.
Cybersecurity Measures Allegedly Mitigated Some Damage
According to a spokesperson for the company, FPG’s internal compartmentalization of accounts limited the scope of the attack.
This wording could hint at a phishing attack in which the login credentials for minor administrators were used to empty the accounts of clients whose funds were being managed by said administrator. In this case, the investigation in progress is probably focused on discovering just how many sets of credentials may be compromised.
It’s worth noting that FPG regularly performed both internal and external audits. Late last year, both CertiK and Prescient Assurance conducted an external audit of FPG’s cybersecurity measures. The firm was awarded a SOC 2 Type 1 certificate, acknowledging its commitment to a robust cybersecurity environment.
“FPG has received today a SOC 2 Type 1 certification. We have implemented continuous security and compliance monitoring with a suite of enterprise tools to enable ongoing assessment of infrastructure, technology, and employees to reinforce and uphold a commitment to serving customers and protecting their digital assets.“
Unfortunately, these measures were not stringent enough, as hackers still found a way to breach their s and make off with a serious amount of stolen crypto.
Isenção de responsabilidade: As informações contidas nesta página podem ser provenientes de terceiros e não representam os pontos de vista ou opiniões da Gate. O conteúdo apresentado nesta página é apenas para referência e não constitui qualquer aconselhamento financeiro, de investimento ou jurídico. A Gate não garante a exatidão ou o carácter exaustivo das informações e não poderá ser responsabilizada por quaisquer perdas resultantes da utilização destas informações. Os investimentos em ativos virtuais implicam riscos elevados e estão sujeitos a uma volatilidade de preços significativa. Pode perder todo o seu capital investido. Compreenda plenamente os riscos relevantes e tome decisões prudentes com base na sua própria situação financeira e tolerância ao risco. Para mais informações, consulte a
Isenção de responsabilidade.
