Part of the CustodyStress archive of observed Bitcoin custody incidents
Exchange Support
Cases where the recovery path ran through the exchange or custodian — account recovery, identity verification, or support escalation.
Exchange support as a recovery path succeeds in only 12% of determinate cases. The majority of cases involving exchange support either remained constrained — access delayed or partially restored — or were ultimately blocked by platform insolvency or policy.
Archive analysis — 74 cases
Outcomes
20% of determinate cases resulted in blocked access — 49 percentage points below the archive-wide average of 69%. 68% resulted in constrained recovery.
Documentation coverage
32% of cases have indeterminate outcomes — higher than the archive average of 43%.
Custody type
99% of cases involved exchange custody, followed by software wallet at 1%.
Primary stress condition
85% of cases involve vendor lockout. Passphrase unavailable accounts for a further 5%.
Documentation
50% of cases had present and interpretable documentation — yet still produced a blocked or constrained outcome.
Scale
20% of cases involved large or very large holdings (10+ BTC).
10
Blocked
34
Constrained
6
Survived
24
Indeterminate
88% of determinate cases resulted in blocked or constrained access.
74 observed cases
Blocked
10 (14%)
Constrained
34 (46%)
Survived
6 (8%)
Indeterminate
24 (32%)
Blockchain.com Email Takeover and Account Lockout: Recovery Phrase Insufficient
Exchange custody
Osiris100 created a Blockchain wallet in 2014 and retained the welcome email and wallet ID. In 2017, a verification email arrived unsigned, followed by two logi
Blockchain.com Non-HD to HD Wallet Migration: Imported Address Bitcoin Inaccessible
Exchange custody
In 2016, user serega634 maintained a Bitcoin wallet on Blockchain.com, then a widely-used custodial online wallet platform. At an unspecified later date, the us
Blockchain.com Imported Address Recovery: Funds Visible but Inaccessible
Exchange custody
Cryptflower created a Bitcoin wallet on Blockchain.com in 2014 and retained a 12-word BIP39 seed phrase saved in 2018. By January 2024, the user confirmed the o
GDAC Exchange Security Breach: $13M Cryptocurrency Theft, April 2023
Exchange custody
On April 9–10, 2023, GDAC, a South Korean cryptocurrency exchange, discovered a security breach affecting its hot wallet infrastructure. Attackers transferred a
Lost Seed Phrase and 2FA Access on Coinbase Commerce Self-Custody Wallet
Exchange custody
In December 2022, a Coinbase Commerce user (cryptoask2022) encountered a cascading custody failure after losing access to their self-managed wallet. The user re
Deribit $28M Hot Wallet Compromise — November 2022 — No Client Loss
Exchange custody
On November 1, 2022, Deribit, a leading cryptocurrency derivatives exchange specializing in Bitcoin and Ethereum options, discovered that its hot wallet had bee
Genesis Global Capital Freezes $900M in Gemini Earn Bitcoin — Retail Users Locked Out
Exchange custody
Throughout 2022, Genesis Global Capital—the cryptocurrency lending subsidiary of Digital Currency Group—accumulated exposure to failing counterparties and deter
Freewallet Account Suspension: Institutional Custody Lock-In on First Withdrawal
Exchange custody
On October 14, 2022, a BitcoinTalk user (ilgust12) reported a custody access failure with Freewallet.org, a custodial online wallet service. The user had deposi
BCH Sent to CashApp Bitcoin Wallet: Funds Locked to Platform Control
Exchange custody
In March 2021, a user initiated a Bitcoin Cash withdrawal from a forex broker but selected the wrong asset type, causing approximately $1,600 BCH to be sent to
Blockchain.com KYC Re-Verification Lockout: 30-Day Withdrawal Freeze
Exchange custody
In October 2021, a Blockchain.com user encountered a mandatory identity verification step during login—a process previously completed without friction. The veri
Liquid Exchange $80M Hack (August 2021): Withdrawal Freeze, FTX Bailout, Full Acquisition
Exchange custody
On August 19, 2021, Japanese cryptocurrency exchange Liquid discovered that hackers had compromised its warm wallet infrastructure and transferred approximately
AscendEX Exchange $78M Hot Wallet Breach — December 2021
Exchange custody
On December 11, 2021, AscendEX (formerly BitMax) disclosed a significant security breach affecting its hot wallet infrastructure. Approximately $78 million in c
Altsbit Exchange Hack (February 2020): Institutional Failure, Partial Recovery
Exchange custody
Altsbit, an Italian cryptocurrency exchange that had been operational for only a few months, suffered a catastrophic security breach in February 2020. Attackers
KuCoin Exchange Breach September 2020: $280M Stolen, $204M Recovered
Exchange custody
On September 26, 2020, KuCoin announced a security breach affecting its hot wallets. Attackers with access to private keys stole approximately $280 million in c
Blockchain.info Wallet Access Lost: Destroyed Phone Note, Discarded Seed Paper, Partial Password
Exchange custody
In April 2020, a forum user described a friend's custody access failure involving a Blockchain.info hosted wallet (the platform later rebranded to Blockchain.co
Upbit Exchange Hot Wallet Breach — 342,000 ETH Stolen, November 2019
Exchange custody
On November 27, 2019, the South Korean exchange Upbit discovered that 342,000 ETH—valued at approximately $49 million USD at the time—had been transferred from
Bitrue Singapore Exchange Security Breach — $4.2M Theft, Full User Refund
Exchange custody
On June 27, 2019, Singapore-based exchange Bitrue discovered a $4.2 million security breach affecting 90 user accounts. An attacker had exploited a weakness in
CoinBene Exchange Hack — $100M+ Stolen, Maintenance Cover-Up, March 2019
Exchange custody
CoinBene, a cryptocurrency exchange, abruptly went offline in March 2019 citing scheduled maintenance. Within days, blockchain analysts at multiple firms detect
Bithumb $13M EOS Insider Theft April 2019: Platform Lockout and Third Security Breach
Exchange custody
On April 1, 2019, South Korean exchange Bithumb detected abnormal withdrawal patterns in its internal monitoring systems and halted all deposit and withdrawal s
Blockchain.info Hosted Wallet: Valid Backup Defeated by Email Authentication Failure
Exchange custody
In September 2019, a BitcoinTalk user identified as patparry reported a custody access failure involving a Blockchain.info hosted wallet. The account had remain
BITPoint Exchange Hack — $23M Customer Cryptocurrency Stolen, July 2019
Exchange custody
On July 12, 2019, BITPoint, operated by Tokyo-listed Remixpoint Inc., discovered unauthorised outflows totalling approximately 3.5 billion yen ($32 million USD)
Bitfinex Fiat Withdrawal Freeze: Crypto Capital Processing Delays October–November 2018
Exchange custody
Bitfinex paused fiat deposits in October 2018 and announced implementation of a new deposit system. The exchange had been routing USD withdrawals through Crypto
Coincheck Exchange Hack: 523 Million NEM Stolen, User Withdrawals Frozen
Exchange custody
On January 26, 2018, Coincheck, a Tokyo-based cryptocurrency exchange, discovered that attackers had stolen approximately 523 million NEM tokens valued at $530
Coinrail Exchange Hack — $40 Million Altcoin Loss, Partial Recovery
Exchange custody
On June 10, 2018, Coinrail, a South Korean cryptocurrency exchange, publicly confirmed a security breach affecting its hot wallet infrastructure. Attackers gain
Bithumb $31 Million Hack — June 2018 Withdrawal Suspension
Exchange custody
Bithumb, one of South Korea's dominant cryptocurrency exchanges handling billions in daily trading volume, discovered a security breach on June 19, 2018. Intern
Recovery paths
No Viable Path
None Attempted
Password Bruteforce
Coerced Transfer
Unknown
Technical Recovery
Estate Process
Legal Proceedings
Derivation Path Correction
Regulatory Intervention
Seed Phrase Located
Bankruptcy Claims Process
Partial Recovery Only
Software Downgrade
Vendor Support
Alternate Access Route
All cases
Translate