Breach inside CoinDCX: CEO reveals ‘sophisticated’ server attack on ops account

CoinDCX, a cryptocurrency trading platform, on Saturday confirmed a security breach involving one of its internal operational accounts used for liquidity provisioning, but stressed that no customer funds were impacted.

CoinDCX CEO Sumit Gupta issued a statement to the community, assuring that the platform’s cold wallet infrastructure remains secure and all services are fully functional. 

“Today, one of our internal operational accounts — used only for liquidity provisioning on a partner exchange — was compromised due to a sophisticated server breach,” Gupta said in a post on X. “I confirm that the CoinDCX wallets used to store customer assets are not impacted and are completely safe.”

The company said the incident was “quickly contained” and that the affected account was isolated. “Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account and is being fully absorbed by us — from our own treasury reserves,” Gupta noted.

He emphasised that all trading activity and INR withdrawals continue as normal. “No customer funds have been impacted. Your assets remain completely safe and protected in our secure cold wallet infrastructure,” Gupta reiterated.

The internal security and operations teams, along with external cybersecurity experts, are currently investigating the breach. “Our internal security and operations teams have been working through the day along with leading cybersecurity partners to investigate the matter, patch any vulnerabilities and trace the movement of funds,” Gupta said. He added that CoinDCX is also working with the affected partner exchange and will soon launch a bug bounty program.

“Every security incident is a learning and we will learn from this and further strengthen our platform,” Gupta said. “More importantly, this is our time to win this war against cyberthreats in the industry and we commit to work together with experts to secure our industry.”

Acknowledging the possible concerns among users, Gupta said: “I understand incidents like this can be unsettling — even when customer assets are unaffected. That’s why I am sharing this incident with you with full transparency.”

He concluded by thanking users for their continued trust and promised real-time updates as the situation evolves.