Chinese global cryptocurrency exchange, Binance, reported the theft of 7,000 bitcoins worth more than $40 million on Tuesday.
Based in Malta, Binance is considered the biggest cryptocurrency exchange in the world in terms of trading volume. It had a market capitalization of $1.3 billion in January 2018.
In a statement, Binance said hackers stole 7,000 bitcoins (each worth $5,800) and used a variety of methods to carry out the "large scale security breach." Hackers were able to obtain a large number of user API keys, 2FA codes, and other data to carry-out the successful cyberattack.
Binance CEO Changpeng Zhao confirmed no users' funds will be affected as they are insured internally by the firm. He also said Binance will cover the incident "in full."
As a result of the hack, Binance has suspended deposits and withdrawals on its platform but trading will be allowed.
"To protect the future interests of all users, Binance will create a Secure Asset Fund for Users (SAFU). Starting from 2018/07/14, we will allocate 10% of all trading fees received into SAFU to offer protection to our users and their funds in extreme cases. This fund will be stored in a separate cold wallet," said Zhao.
More disturbingly, Binance admitted the hackers managed to steal user information such as two-factor authentication codes required to log in to a Binance account. It also warned "hackers may still control certain user accounts and may use those to influence prices."
Binance hasn't said what it intends to do about this serious breach. It did reveal it was able to trace the stolen bitcoin to a single wallet.
"The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time," said Binance.
"The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that."
Binance said the theft hit its "hot wallet" for storing cryptocurrency, which accounts for about 2 percent of its total bitcoin holdings. Its "hot wallet" is connected to the internet in contrast to a "cold" one that stores digital coins offline.
This article originally appeared in IBTimes US.