Crypto security breaches are up 850% in the last decade

By: Jayson Derrick
Jayson Derrick
Jayson lives in Montreal with his wife and daughter, loves watching hockey, and is on a lifelong quest to… read more.
on Dec 16, 2021
Updated: Jan 18, 2022
  • $12.1 billion worth of cryptocurrencies have been stolen from 2011 through 2021.
  • An estimated $4.25 billion worth of cryptos were lost to crime in 2021.
  • The largest and most notable cryptocurrency breach was the hack of Mt. Gox in 2014.

Cryptocurrency crime stands in direct proportion to the size of the cryptocurrency market. It is estimated that the cryptocurrencies stolen between January 2011 and December 2021 amount to $12.1 billion. 

Exploiting vulnerabilities in the security systems of crypto exchanges is the most common tactic. $3.18 billion has been lost in security breaches, $1.76 billion through DeFi hacks, and $7.12 billion through scams.

Are you looking for fast-news, hot-tips and market analysis? Sign-up for the Invezz newsletter, today.

The most common locations of such security breaches are Japan, South Korea, the United States, the United Kingdom, and China – the very countries where cryptocurrency is most popular.

This article presents data on the increase in the number of breaches and money lost to them year on year over the last decade, and ends with a recap of the biggest breaches in history and advice from one of our finance experts on how to keep your money safe when investing in cryptocurrencies.

Increase in number of breaches

YearNumber of ScamsYearIncrease In Number of Breaches (%)
2021762020 – 2021145%
2020312019 – 202019%
2019262018 – 201973%
2018152017 – 20187%
2017142016 – 2017180%
201652015 – 2016-50%
2015102014 – 2015-9%
2014112013 – 2014-31%
2013162012 – 201314%
2012142011 – 201275%
20118

The percentage increase in the number of scams per year is up by 850% from 2011 to 2021. As you can see from the table above, 2021 has been the worst year so far with the highest number of scams by more than double. The biggest increase occurred between 2016 to 2017 (180%), when some major attacks took place.

Increase in money lost to crypto breaches

YearTotal Money Lost ($)YearIncrease In Money Lost (%)
20214,250,000,0002020 – 2021185%
20201,490,000,0002019 – 2020-57%
20193,500,156,0002018 – 2019259%
2018974,000,0002017 – 201851%
2017645,901,0002016 – 2017341%
2016146,509,0002015 – 2016-64%
2015404,116,0002014 – 2015-36%
2014634,069,7002013 – 20144356%
201314,228,8202012 – 2013147%
20125,762,8102011 – 2012438%
20111,070,820

The percentage increase in money lost to crypto crime between 2011 to 2021 was a massive 396,792%. The worst year has been 2021 with over $4.25 billion lost. The biggest increase in lost funds was between 2013 to 2014, when the amount lost increased by 4,356%. That was the year MtGox suffered a major hack, leading the exchange to collapse.  

Biggest breaches in history

Cryptocurrency comes with many freedoms, but it’s only as reliable as the security measures and protections of third party wallet providers. Here are the biggest breaches in history.

1. Mt. Gox, $615M

The hack of Mt. Gox in 2014 remains the biggest in history. What some don’t know is that it wasn’t the first hack. Mt. Gox was hacked in 2011 and Bitcoin worth $8.75 million was lost. The Japanese exchange didn’t learn from its lesson and lost almost 850,000 bitcoins three years later, equivalent to $615 million. The hackers achieved this by flooding Mt. Gox with a huge amount of fake bitcoins. It emerged that anyone could overwrite the site’s code, posing a major risk.

2. Poly Network, $600M+

In August this year, blockchain-based platform Poly Network suffered a major breach. A hacker siphoned off more than $600 million in crypto, making it the second-biggest hack in the DeFi space. Subsequently, most of the funds were returned. Poly Network offered the white hat hacker a job.

3. Coincheck, $534M

In January 2018, hackers infiltrated the exchange and stole crypto worth $534 million. They were able to access hot wallets in a phishing attack. Then, they spread malware and extracted the funds. In early 2021, it emerged that most of the perpetrators were high-income individuals. The good news is that Coincheck is still up and running. Monex Group, a traditional Japanese financial services provider, bought it in April 2021.  

4. KuCoin, $281M

Singapore-based exchange KuCoin suffered a breach in September 2020, losing more than $281 million in crypto. Hackers got their hands on the keys to the hot wallets on the exchange. KuCoin suspended all transactions immediately and launched a thorough investigation, which helped recover more than $204 million within weeks. Allegedly, a group of hackers from North Korea committed the breach. 

5. PancakeBunny, $200M  

In May this year, PancakeBunny lost $200 million in a flash loan attack. The hacker gave a huge loan in Binance Coin, then disbalanced the price and dumped it on the exchange’s marketplace. He got a very large amount of BUNNY, the exchange’s native token, through this loan. After that, he dumped all of it on the market, causing the price to plummet. Finally, he paid the BNB back on PancakeSwap (CAKE/USD).

6. BitGrail, $195M

BitGrail, an Italian exchange, suffered a breach in 2019. According to insiders, NANO worth $195 million was stolen. The perpetrators have not been identified. It is believed several people were jointly liable: the founder of the exchange, the development team, and the hacker.

Milko Trajcevski, cryptocurrency analyst at Invezz said:

The main thing here that we all need to be aware of as cryptocurrency investors is the fact that, as long as you keep your cryptocurrency tokens on the exchange wallet you are using directly, they will be at risk. Hackers and bad actors are constantly pushing towards new ways of compromising the security of these exchanges, and while they are fairly secure and even promise cold storage options and insurance, you still have a slight level of risk there.

The best and only way for you to keep your cryptocurrency tokens as safe as possible is to store them within a private cryptocurrency wallet. A private cryptocurrency wallet is one where you have full control over the private keys to that wallet. Additionally, you can go the extra distance and invest in a private cryptocurrency wallet, but the general idea here is to keep your tokens off an exchange, where you have full ownership and control over them.

In terms of spotting cryptocurrency scams, generally speaking, if the token in question is added to a reputable exchange, there is a slimmer risk, however, before investing in a token, always check the team behind the token, who’s developing it, have they had enough time on the market, prior experience in the industry and so on. Research about a project can take you a long way when it comes to spotting potential scams. Research historical hacks and scams so you can get a “feel” for all of the red flags seen there. Generally speaking, if a project sounds too good to be true, it probably is, however, there will always be an exception. Don’t follow the hype, follow your research.

Invest in crypto, stocks, ETFs & more in minutes with our preferred broker, eToro
10/10
68% of retail CFD accounts lose money