At 08:40 EST 20 October 2018, the trade.io security team was alerted to a large transaction originating from our wallet holding 50M Trade Tokens (TIO) owned by trade.io reserved for the liquidity pool. Immediately following the alert, our trade monitoring observed abnormal trading of TIO on external exchanges. These exchanges were immediately alerted to disable deposits/withdrawals and trading of TIO, and our security team began its investigation. The responsiveness by the various teams within trade.io prevented the situation from deteriorating and helped quarantine the issue.
At no point was the trade.io exchange or liquidity pool accessed or affected, and both remain operational. The breach was limited to one particular hardware wallet that was purchased directly from the manufacturer. Consequently, no customer accounts were directly affected, or customer funds lost. Investigations are ongoing, but have so far concluded that there was no technical hack on the cold storage unit, and trade.io systems remain secure and unbreached. There is also nothing to indicate theft by internal actors.
Along with the management team, both KuCoin and Bancor responded promptly and are assisting trade.io in our investigation and have taken steps to quarantine the associated transactions.
We are actively taking steps to further lock down the situation, and prevent any othe potential impact.
As a result of the incident, trade.io Management has decided to fork TIO. The name of the forked token will be Trade Token X with the ticker TIOx, similar to TIO it will be an ERC-20 token. Details of the fork are expected to be released soon.
Lastly, while this security breach has been an inconvenience, we are happy to report again
that no client assets were lost and we’re pleased with how efficient and responsive our entire team acted following the breach. We’ve been overwhelmed with the positive response from our clients which we affectionately call TIOnauts and can’t thank them enough for their support and well wishes as we continue this special movement.
-------
At no point was the trade.io exchange or liquidity pool accessed or affected, and both remain operational. The breach was limited to one particular hardware wallet that was purchased directly from the manufacturer. Consequently, no customer accounts were directly affected, or customer funds lost. Investigations are ongoing, but have so far concluded that there was no technical hack on the cold storage unit, and trade.io systems remain secure and unbreached. There is also nothing to indicate theft by internal actors.
Along with the management team, both KuCoin and Bancor responded promptly and are assisting trade.io in our investigation and have taken steps to quarantine the associated transactions.
We are actively taking steps to further lock down the situation, and prevent any othe potential impact.
As a result of the incident, trade.io Management has decided to fork TIO. The name of the forked token will be Trade Token X with the ticker TIOx, similar to TIO it will be an ERC-20 token. Details of the fork are expected to be released soon.
Lastly, while this security breach has been an inconvenience, we are happy to report again
that no client assets were lost and we’re pleased with how efficient and responsive our entire team acted following the breach. We’ve been overwhelmed with the positive response from our clients which we affectionately call TIOnauts and can’t thank them enough for their support and well wishes as we continue this special movement.
Information provided via press release