On May 16th, 2021, the cryptocurrency exchange Fortress Trust revealed that it had suffered a major security breach resulting in a loss of funds. The company reported the theft of nearly $273 million in digital tokens, including Bitcoin, Ethereum, XRP, and Tezos, from its hot wallets.
Analysis of the security incident led the firm to determine that the theft was the result of a phishing attack on one of its cloud vendors. The phishing attack allowed an attacker to gain access to the cryptocurrency wallets managed by the cloud vendor. The stolen funds were then transferred to a number of wallets associated with the attacker.
Fortress Trust has since taken measures to secure its accounts, including increased security on the cloud vendor, and has urged customers to use two-factor authentication on all accounts, as well as to use unique and strong passwords. In addition, the company announced that it is working with law enforcement to investigate the incident and to secure the return of the stolen funds.
