• The FBI is investigating a data breach involving 3Commas, a cryptocurrency trading service.
• The breach was discovered after users noticed their funds had gone missing without their consent.
• The estimated losses of the affected users is over $20 million.
The Federal Bureau of Investigation (FBI) has launched an investigation into a data breach involving 3Commas, a Estonia-based cryptocurrency trading service. CoinDesk has learned that the investigation was initiated after weeks of criticism from users of the service, who reported that their funds had gone missing without their consent. This then led to the discovery that 100,000 Binance and KuCoin API keys linked to 3Commas had been leaked, prompting the FBI to reach out to two 3Commas users in connection to the leak.
The breach has been a source of immense frustration for 3Commas users, with one group of victims reaching out to the US Secret Service and other law enforcement agencies in an attempt to understand what had happened. The group leader, Edmundo (Mundy) Pena, has estimated the collective losses of the group to be over $20 million.
Initially, 3Commas had suggested that the users were likely victims of phishing, and insisted that their platform was secure. However, the leaker of the API data insinuated that the keys had been sold by someone from within 3Commas. In response to this, 3Commas CEO Yuriy Sorokin released a statement on Thursday, stressing that an internal investigation had found no evidence of any employees being involved in the attack or the sale of the keys.
In addition to the internal investigation, 3Commas has also contacted law enforcement authorities to inform them of the breach and the situation at hand. It remains to be seen what the outcome of the FBI’s investigation will be, and if any of the users will be able to recover their funds.