CoinDCX, one of India’s largest cryptocurrency exchanges, has reported a major security breach that resulted in the loss of approximately ₹378 crore ($44.2 million) from its internal treasury account. The incident, which took place in the early hours of July 19, was caused by what the company described as a “sophisticated server breach” targeting an operational wallet used solely for liquidity provisioning on a partner exchange.
Despite the scale of the attack, CoinDCX has assured users that all customer assets are secure and remain unaffected. “The compromised wallet was used exclusively for internal liquidity operations and not for storing customer funds,” said co-founder Sumit Gupta on social media platform X. “CoinDCX will bear the full financial impact. There is no loss to users.”
Fellow co-founder Neeraj Khandelwal confirmed that the ₹378 crore loss will be fully absorbed by the company’s treasury reserves, which remain “sufficiently healthy”. CoinDCX reiterated that trading operations, as well as rupee deposits and withdrawals, continue to function normally.
The breach was first flagged by blockchain investigator ZachXBT, following which CoinDCX publicly confirmed the attack nearly 17 hours later. The delay in disclosure drew criticism from segments of the crypto community, although many also appreciated the company’s proactive stance in safeguarding customer funds.
One user on X posted, “CoinDCX silent for 17 hours? That’s more suspense than a thriller! In crypto, transparency isn’t optional.” Others praised the company’s handling, with one comment noting, “Good to see CoinDCX acting responsibly, assuring user funds are safe, and not passing losses onto customers.”
Following the announcement, CoinDCX experienced a surge in user activity as withdrawal requests spiked. The pressure briefly overwhelmed its portfolio APIs, making it temporarily impossible for users to view balances or transaction history. The APIs were later restored, and the company clarified that rupee withdrawals below ₹5 lakh would be processed within 5 hours, while those above ₹5 lakh could take up to 72 hours.
The exchange also temporarily shut down Web3 trading as a precautionary measure, but services have since resumed.
CoinDCX has filed a First Information Report (FIR) and notified the Indian Computer Emergency Response Team (CERT-In). A forensic investigation is underway in collaboration with two internationally reputed cybersecurity firms. The company has pledged to share the investigation findings publicly to enhance transparency.
Additionally, CoinDCX said it is working with its partner exchange to block and recover the stolen assets and is preparing to launch a bug bounty programme aimed at identifying future vulnerabilities.
The breach has raised renewed concerns about security in India’s crypto ecosystem, coming nearly a year after a similar incident at rival exchange WazirX, which suffered losses exceeding ₹1,965 crore ($230 million) due to compromised private keys in self-custodied wallets.
Sumit Gupta urged users not to panic, saying, “Don’t panic sell your assets. It often leads to poor prices and unnecessary losses. Let the markets settle. Stay calm, stay confident.”
While the company maintains that the incident does not pose a systemic threat, it acknowledged that restoring trust and strengthening infrastructure will be top priorities. “We will share all the details of the incident as the team validates all the facts,” Gupta added.
As the crypto market continues to evolve amid regulatory uncertainty and rising cyber threats, CoinDCX’s swift response may set a benchmark for how Indian exchanges handle security breaches in future.
