Hotbit is temporarily shutting down following a cyber attack that paralyzed a number of its central services.
In a statement, the Chinese crypto exchange reveals that it suffered a security breach at about 8 PM UTC (1 PM PST) on Friday. The hackers also attempted to hack into Hotbit’s wallets, but the attack was identified and stopped by the platform’s risk control system.
Hotbit says it is suspending all its services to conduct an investigation. It is also completely rebuilding its entire suite of servers to ensure heightened security.
“The attacker maliciously deleted the user database after failing to obtain assets. Although the database is routinely backed up, we are still uncertain whether the attacker has polluted data or not before the attack. Therefore, we also need to conduct a comprehensive inspection of the overall data. Once any anomaly is detected, we will perform an accurate reconstruction to ensure that all user data is accurate.”
The exchange assures its nearly two million users that their assets, passwords, and two-factor identifications (2FAs) are safe. Still, it warns that the hackers have control over the database and may send fake communication purporting to be from the Hotbit team. It also admits that the attackers may leak compromised phone numbers, email addresses and other user data.
The crypto exchange expects the maintenance to last between seven and 14 days. Hotbit says it will take full responsibility for losses on leveraged exchange-traded funds (ETF) during the period. To avoid trading losses, it is also canceling all open orders until the system is restored.
As for the daily routine income distributions, such as investment products, the firm says the payouts will occur after the maintenance is completed.