We are glad to share that Coinhako is back to full operational capacity, with added security to our wallets, user accounts and the rest of the platform. Our overall plan against the sophisticated and coordinated attack on specific user accounts at Coinhako — first detected on 21st Feb 2020 — was effective and only fewer than 20 users were affected; all of whom have been fully reimbursed.
Coinhako remains operational and no cryptocurrency keys were accessed.
During the recovery period, Coinhako also maintained a high level of communication with users, by providing daily updates via our Telegram channel
AND ALL USER FUNDS ARE SAFE
As we value the trust our users have in our platform, we would like to take the opportunity to share with you in detail about the situation. Here is a timeline of the key events during the past few days.
21 Feb 2020
Upon the first unauthorised withdrawals being made, our system detected a discrepancy in the account balances. As part of our risk management process for cryptocurrency transaction anomalies, our wallets were entered into a network maintenance mode, temporarily disabling the "Send" function.
This allowed our team to reconcile all transactions against the blockchain transactions and known-good order data backups to verify balances.
As part of this process, the unauthorised cryptocurrency transactions were identified.
All other cryptocurrency services and fiat deposit and withdrawal services on Coinhako remained fully functional; Access remained accessible throughout.
23 Feb 2020
An initial consensus by the security team was made that all services would be safe to return to full operational capacity by 26 Feb 2020.
A trade fee discount code was distributed to all Coinhako users for all cryptocurrency trading pairs (Buy, Sell and Swap cryptocurrencies), allowing them to convert their cryptocurrencies back to fiat–where users could request for direct bank transfer– at a cheaper rate and vice versa.
25 Feb 2020
Additional precautionary measures were identified by the security team to ensure maximum security of our platform upon our return to full operational capacity.
- All user accounts were made to do a password reset.
- All user accounts with enabled Two-Factor Authentication (2FA) were made to do a 2FA reset.
Additional days were added to the initial re-opening consensus, shared on 23 Feb 2020.
26 Feb 2020
All affected users were fully reimbursed the amounts of any unauthorized transaction from this incident.
Our team continued to work around the clock to enhance our security measures and clear the backlog of ongoing 2FA resets.
27 Feb 2020
Our team nears full completion of our recovery plan and commenced on final works to ensure a safe return to full operational capacity.
28 Feb 2020
'Send' for the first batch of cryptocurrencies – Bitcoin (BTC), Bitcoin Cash (BCH), Ethereum (ETH) – was re-opened, but with added security measures.
These temporary security measures that were put in place would allow us to monitor larger cryptocurrency transaction amounts more closely.
29 Feb 2020
'Send' for the second batch of cryptocurrencies – Tether (USDT), True USD (TUSD) and USD Coin (USDC) – was re-opened, with the added security measures to monitor larger cryptocurrency transaction amounts more closely.
The ‘Send’ function for all cryptocurrencies was re-enabled and Coinhako returned to full operational capacity.
We would also like to clarify that throughout the entirety of the recovery process, we managed to be remain fully operational and user access to funds stayed open; Trading services such as the ‘Buy’, ‘Sell’, and ‘Swap’, as well as ‘Receive’ for cryptocurrencies were still available. Bank transfers and all other fiat – Singapore Dollars (SGD), Vietnamese Dong (VND), and Indonesian Rupiah (IDR) – services were not halted at any point in time.
While additional security measures are still in progress, we are confident that we have taken the necessary steps to allow us to re-enable all our services for everyone.
Moving Forward: Preventive Measures To Ensure Better Security For All
Coinhako will be ramping up our security measures to ensure better security for your tokens and funds on our platform. As we had already shared, we will have added surveillance for larger transaction amounts, to ensure greater fund safety on our platform.
If you have not completed our password and 2FA resets, after 25 February 2020, please do so as soon as possible. This is a mandatory for all our users to ensure the safety all user accounts
In order to ensure better protection of your funds, tokens, and online data, we also strongly urge you to check out our Security Guides that we have created for all our users.
We would once again like to apologize for any inconvenience caused by the recent disruptions but it was not easy to come to a decision to disrupt services for our users. As a platform that holds customers funds, we have always been committed towards prioritizing the security of user funds and will continue to focus on it as a firm.
To compensate users for the recent disruptions, we have extended a special promo code that would give every Coinhako user a trading fee discount.
This is also a reminder that all passwords, and 2FA tokens for users that have it enabled, were invalidated on 25 Feb 2020.
If you have not reset your password of 2FA after 25 Feb 2020, kindly do so as soon as possible to carry on using our services.
*You do not have to reset your password or 2FA if you have done so after
25 Feb 2020. *
We are constantly working to improve our services and to serve every Coinhako user better. Our efforts to tackle this crisis as a team has allowed us to emerge stronger as a company.
Coinhako looks forward to serving all our users with confidence for many years to come.
Thank you for your trust and continued support for Coinhako.
*The information presented in this article does not constitute investment advice and is purely for educational and/or informational purposes.
👉Join our Telegram community