Indian crypto exchange CoinDCX revealed on July 19 that it lost around $44.2 million (₹380 crore) due to a security breach. The hack targeted one of its internal accounts used for managing trading liquidity, not the wallets that store customer funds.
CoinDCX said that the affected account was quickly isolated, and no user assets were impacted. Trading and INR withdrawals are still working as usual, and the company is covering the entire loss using its own treasury funds.
The breach was first spotted by well-known cybersecurity researcher ZachXBT, who flagged the issue around 17 hours after it took place.
CoinDCX’s CEO, Sumit Gupta, addressed the situation on social media, saying the team acted fast to control the damage and emphasized the company’s commitment to full transparency. He added that reserves are strong enough to cover the entire loss, so users won’t feel any financial impact.
As a safety step, the platform temporarily paused its Web3 mode, which gives access to DeFi tokens, but later restored it after checking for risks.
CoinDCX says it will team up with other exchanges to trace and try to get back the stolen money. The company will also launch a bug bounty program to find and fix potential security flaws.
This incident is part of a growing problem, with hackers stealing more than $2 billion worth of crypto in the first six months of 2025, based on data from Chainalysis. The incident also comes exactly one year after WazirX, another Indian exchange, was hacked for more than $230 million.
The rising number of hacks raises ongoing concerns about the security of crypto platforms, especially in countries like India where regulations are still evolving.
