CoinDCX Suffers Major Security Breach, Rs 368 Crore Lost in Hack

In a significant cybersecurity incident, Indian cryptocurrency platform CoinDCX has confirmed a hack that resulted in losses of approximately $44 million (around ₹368 crore). The breach occurred in the early hours of Saturday, targeting one of the company’s internal operational accounts.

The Mumbai-based exchange emphasized that user funds remain completely secure, and the compromised account was only used for liquidity operations on a partner exchange — not for storing customer assets.

Sumit Gupta, Co-founder of CoinDCX, took to social media to explain that the breach stemmed from a sophisticated server-side compromise. He reassured the community that the losses would be fully covered by the company’s treasury, which he described as financially strong enough to absorb the damage.

As a precautionary step, CoinDCX temporarily paused its Web3 trading services, though they are now operational again. Importantly, main platform operations including INR withdrawals and spot trading were unaffected, and users can continue to trade normally.

Gupta urged investors to remain calm and avoid panic selling, noting that hasty moves often lead to poor trade execution and avoidable losses. He advised users to “stay confident” and wait for the market to stabilize.

The company’s cybersecurity team is currently working with global experts to investigate the breach, identify weaknesses, and attempt to track the stolen assets. CoinDCX also announced plans to introduce a bug bounty program to reward ethical hackers who report system vulnerabilities.

While investigations are still ongoing, the company promised transparency and said it will release verified details in due time. Gupta emphasized that this incident highlights the growing cyber threats in the crypto industry, adding that CoinDCX remains committed to building a secure ecosystem.

This breach comes amid heightened scrutiny of crypto security in India. The government is expected to release its first policy framework for the crypto sector, which may bring clarity and stricter regulations. It’s worth noting that this isn’t the first such case — in a similar breach last year, WazirX lost over $230 million due to compromised keys.

CoinDCX stated it is treating the breach with utmost seriousness and reaffirmed its focus on maintaining user trust and platform integrity.