CoinDCX, India’s top cryptocurrency exchange, has confirmed a serious security breach involving one of its internal operational accounts, allowing cybercriminals to take off with millions in digital assets.
In a statement released Yesterday, CoinDCX acknowledged the data breach, confirming that an internal account used for operational purposes had been compromised. However, the company hasn’t disclosed the exact value of the stolen funds, but blockchain security analysts estimate the loss to be around tens of millions of dollars based on suspicious transactions traced to the attacker’s wallet.
Investigations suggest that the compromised account may have been accessed through either phishing or weak internal access controls, though CoinDCX emphasized that user funds are secure and stored in separate custodial wallets. This exposes how even non-custodial internal systems, which are often overlooked, could be a weak point in a platform’s security infrastructure.
The company has assured the public that “core systems remain unaffected” and “user assets are safe,” but the community isn’t entirely at ease, causing X formerly Twitter and other forums to lit up with concerns about transparency, possible lapses in internal audits, and what this means for the wider crypto ecosystem in India. A breach of this magnitude sends ripples through the entire crypto sector in India and the whole Asian region. Not only does it dent public confidence, but it also arms regulators with a fresh weapon to push for stricter oversight and compliance requirements.
CoinDCX has confirmed it is working with cybersecurity experts and blockchain forensics teams to trace the stolen funds and identify the perpetrators. Authorities have also been informed, and legal action is underway. The coming days will determine how the exchange restores its reputation and prevents future incidents.
