https://www.bleepingcomputer.com/news/security/bitcoin-exchange-denies-getting-hacked-after-customers-lose-3-million/OKEx, a Bitcoin exchange based in China, issued a statement over the weekend, denying it was hacked and blaming recent thefts on careless users who didn't secure their accounts.
Rumors that hackers breached OKEx started since the end of August when several users began complaining about funds disappearing from their accounts.
Victims reported losing a collective of over 600 Bitcoin, worth around 20 million Chinese yuan, at the time of the thefts, or around 3 million US dollars today. One user alone reported losing over 200 Bitcoin. Users reported seeing German IPs logging into their account just before the thefts.
Exchange says only a few users affected. Not general hack.
Most victims are OKEx customers, but some OKCoin users reported similar thefts. OKEx and OKCoin are sister sites, managed by the same Chinese company.
Both OKEx and OKCoin have denied getting hacked.
"OKEx was NOT hacked. All client assets are safe and sound," said Lennix Lai, Director of Financial Market at OKEx and OKCoin.
The company said it believes that hackers compromised just a few individual customer accounts, either due to poor security or after the owners fell for phishing attacks.
Company recommends turning on 2FA
Following the negative publicity, OKEx published a statement on the incidents, reminding customers to enable two-factor authentication (2FA) for their accounts.
According to CoinMarketCap, OKEx is ranked the 46th most popular exchange by volume, while OKCoin is ranked 16th. Based on Bitcoin transactions alone, OKCoin is ranked as the sixth largest exchange in the world.
Chinese news agency JRJ, who first reported the incidents, points out that China has banned Bitcoin trading, meaning victims can't go to the police to report and investigate the thefts.
Over the weekend, it also came to light that hackers compromised the website of the Etherparty ICO and switched the ICO wallet address, tricking users into sending funds to the wrong address. Etherparty said it would compensate affected users for their losses.