CoinDCX Suffers Rs 368 Crore Crypto Breach: CEO Outlines Recovery Plan
On July 19, 2025, CoinDCX, one of India’s leading cryptocurrency exchanges, confirmed a significant security breach that resulted in a loss of approximately $44.2 million (nearly Rs 368 crore). The incident, which targeted an internal operational account used for liquidity provisioning, has sent ripples through the crypto community, raising concerns about exchange security. However, CoinDCX’s co-founder and CEO, Sumit Gupta, has reassured users that customer funds remain unaffected and outlined a robust plan to address the breach.
What Happened?
The breach, described as a “sophisticated server attack,” occurred early Saturday morning, compromising an internal account used solely for liquidity operations on a partner exchange. Blockchain investigator ZachXBT and cybersecurity firm Cyvers detected suspicious wallet activity nearly 17 hours before CoinDCX’s public disclosure, estimating the stolen amount at $44.2 million. The stolen funds, primarily stablecoins USDC and USDT, were moved from Solana to Ethereum and routed through Tornado Cash, a cryptocurrency mixer known for obscuring transaction trails. The attacker reportedly funded their wallet with 1 ETH via Tornado Cash before executing the theft, complicating efforts to trace the funds.
CoinDCX swiftly contained the incident by isolating the affected account. The company emphasized that no customer wallets were impacted, as operational accounts are segregated from user funds, which are stored in secure cold wallets. This distinction was critical in ensuring that the platform’s 16 million users faced no direct financial loss.
CEO’s Response and Recovery Plan
Sumit Gupta took to X to address the breach with transparency, stating, “At CoinDCX, we have always believed in being transparent with our community, hence I am sharing this with you directly.” He assured users that all trading activities and INR withdrawals remain fully operational, urging them not to panic-sell assets, which could lead to losses due to poor pricing.
To mitigate the financial impact, CoinDCX committed to absorbing the entire $44 million loss from its treasury reserves, which Gupta described as “sufficiently healthy.” This move contrasts with the response of WazirX, another Indian exchange that suffered a $230–$235 million hack in July 2024, where customer funds were affected, leading to halted withdrawals and partial compensation plans that drew criticism.
Gupta outlined several steps to address the breach and prevent future incidents:
- Collaboration with Experts: CoinDCX is working with leading cybersecurity firms and its partner exchange to investigate the breach, patch vulnerabilities, and trace the stolen funds.
- Bug Bounty Program: The exchange plans to launch a bug bounty program to encourage ethical hackers to identify and report system weaknesses, enhancing platform security.
- Transparency and Updates: Gupta promised real-time updates as the investigation progresses, ensuring users are kept informed of verified details.
- Strengthening Security: The company views the incident as a learning opportunity, with plans to bolster its security framework to combat evolving cyber threats.
Co-founder Neeraj Khandelwal echoed Gupta’s sentiments, stating, “We are supercharged to take CoinDCX to the next level, learning from this incident — we will not let it go to waste.” The team also addressed temporary issues, such as portfolio loading delays due to heavy server traffic, by provisioning additional server capacity to restore full functionality.
Context and Industry Impact
This breach marks the second major crypto hack involving an Indian exchange within a year, following WazirX’s $230–$235 million loss in July 2024, which was linked to North Korea’s Lazarus Group. Globally, 2024 has seen $2.2 billion in crypto losses due to cyberattacks, according to Chainalysis, highlighting the growing sophistication of cyber threats in the industry.
The CoinDCX incident has reignited discussions about crypto exchange security and regulatory oversight in India. With the government expected to release its first crypto policy paper soon, the breach could prompt stricter regulations to protect investors. CoinDCX’s proactive response, including its commitment to cover losses and enhance security, may set a precedent for how exchanges handle such incidents.
Looking Ahead
While the breach is a setback for CoinDCX, the company’s swift response and financial resilience demonstrate its commitment to user trust. Gupta acknowledged the broader implications, stating, “This is more than just an internal matter. It’s a reminder of the evolving threats facing crypto platforms globally.” By absorbing the loss, launching a bug bounty program, and collaborating with cybersecurity experts, CoinDCX aims to emerge stronger and more secure.
For users, the incident underscores a critical reality: while customer funds were unaffected, the crypto ecosystem remains a target for sophisticated cyberattacks. As CoinDCX works to recover the stolen assets and fortify its platform, the incident serves as a wake-up call for the industry to prioritize robust security measures.
Sources: The Economic Times, News18, NDTV, BusinessToday, The Block, Business Standard, X posts by @smtgpt, @neerajKh_.
