Golix, a Zimbabwean cryptocurrency exchange platform that is said to be processing about $1 million per month, has disclosed a breach into their some of their user accounts that took place three weeks leading up to the 12th of March 2018, via an email to their customers. According to the email, a limited number of Golix accounts fell victim to unsolicited third party access.
Miraculously, the hackers did not make away with any cryptocurrency. Apparently, the hackers only converted funds between individual users’ cryptocurrencies and USD wallets and also bought some cryptocurrencies. “As a result of this intrusion, affected users have noticed some changes to their accounts such as the conversion of their cryptocurrencies and/or the acquisition of additional cryptocurrencies through already held US dollar balances,” reads part of the email sent out to Golix customers.
Golix says that their technical team made some changes to their system to “prevent the withdrawal of any form of currency from users accounts,” thus ensuring that no withdrawals are made without full verification.
The company does not give further details as to the extent of the breach or how many accounts fall under “a limited number of Golix accounts.” Questions arise as to why hackers would breach a user accounts on a cryptocurrency exchange platform just to buy a few bitcoins using these accounts and not withdraw any funds. TechZim shines some light that maybe the hackers made the withdrawals look legit since Golix only speaks of no withdrawals being made without full verification, meaning there were “verified withdrawals” or what looked like so.
Back in January this year, Golix crashed and was offline for more than 14 hours which was followed by fears that the platform had been hacked and the hackers supposedly made off with 12 Bitcoins valued at over $200,000. However, the management dismissed these claims, saying that it was only a “technical glitch that caused the system to automatically shut down.”
Since the hack just happened, we will be waiting to get more information from the Zimbabwean-based company regarding the breach in the coming days. For now, let’s go with the belief that some hackers were just bored and wanted to play around with people’s Bitcoins and dollars stored on Golix.
Update:
Golix has released an official statement through their Director of Communications, Nhlalwenhle Ngwenya, clarifying that their platform was not hacked but rather it is 23 of their user accounts that were breached. Golix has gone ahead to advise its users to immediately start using Two Factor Authentication (2FA) for their Golix login.