The global exchange said that an attacker forged “judicial documents” to obtain the personal information of some OKX users.
OKX denied speculations that pointed to a security flaw in its verification system.
In a post-mortem on X, OKX claimed that a hacker used forged “judicial documents” to obtain the personal information of “very few” OKX users. “The matter is under investigation by the judicial authorities, and we cannot disclose more specific details,” the crypto exchange wrote in a statement.
The security breach surfaced on social media over the weekend after two OKX users claimed that their accounts had been compromised and drained. Blockchain security company SlowMist pointed out the similarities between the two incidents — a new API key was created after the users received risk notification SMS texts from Hong Kong for account verification.
Web3 security group Dilation Effect made a claim Monday that the attackers took advantage of a security loophole in OKX, which allegedly allows users to turn off Google Authentication or mobile phone verification without triggering a 24-hour withdrawal halt system in case of certain user activities.
The exchange, however, rebutted the claim in its post-mortem. “This incident has nothing to do with the choice of Google Authenticator or SMS verification,” OKX said.
OKX added in its latest X post that it has already compensated and will continue to compensate affected users. Wu Blockchain reported Wednesday that the two users that had their accounts compromised have received full compensation from the exchange.
OKX declined to comment on The Block’s request for further details regarding the incidents, including the exact number of affected users and if every one of them has been compensated for their losses.