Part of the CustodyStress archive of observed Bitcoin custody incidents
CS-00650
Physical coercion — exchange custody (2019)
ConstrainedCase description
A cryptocurrency exchange employee was subjected to a prolonged social engineering campaign in June 2019. The attacker spent three weeks posing as an IT support contractor before requesting remote access to the employee's machine. Using that access the attacker extracted exchange API credentials and transferred BTC from the exchange's operational wallet.
Custody context
| Stress condition | Physical coercion |
| Custody system | Exchange custody |
| Outcome | Constrained |
| Documentation | Unknown |
| Year observed | 2019 |
| Country | Unknown |
Structural dependencies observed
What this illustrates
There was only one way in. When that path was gone, so was access. Whether full access was ultimately possible is unclear, but significant delay or outside intervention was involved.
Outcome interpretation
Access remained possible, but only with delay, dependence, or significant difficulty.
Source
Publicly Reported
Evidence type
Forum post
Evidence link
Related cases involving physical coercion
This archive documents observed custody survivability failures. It does not attempt to document all Bitcoin losses or security incidents.
Submit a case
← All cases
Framework references
Where Bitcoin Custody Intersects Legal and Fiduciary Authority
Where custody creates gaps in estate planning, fiduciary duty, and professional responsibility.
Professional Scope Boundary Matrix
What each professional or product covers, what they do not, and where gaps form between them.
The Independent Assessment Layer in Bitcoin Custody
How independent diagnostic layers emerge when multiple parties depend on shared infrastructure.
Translate