CoinsPaid Faces Second Security Breach in Six Months: Nearly $7.5 Million Stolen 

In yet another setback for CoinsPaid, a prominent crypto payment gateway, the company has fallen victim to its second security breach in the last six months. On January 6, Web3 security firm Cyvers uncovered a series of unauthorized transactions, resulting in a staggering loss of nearly $7.5 million.

The breach involved the withdrawal of $6.1 million worth of various digital assets, including Tether (USDT), Ether (ETH), USD Coin (USDC), and CoinsPaid’s native token CPD. This incident raises concerns about the platform’s security measures and highlights the persistent challenges faced by crypto entities in safeguarding user funds.

Security Breach in Six Months

This is the second breach on CoinsPaid within just six months, and it reveals a troubling pattern of vulnerability.  The attacker executed a sophisticated move by swapping around 97 million CPD tokens for ETH, valued at approximately $368,000. Subsequently, the funds were transferred to externally owned accounts (EOAs) and crypto exchanges such as MEXC, WhiteBit, and ChangeNOW. CoinGecko’s data reveals a significant drop in CPD’s value to $0.0006, down 39.5% in 24 hours.

Further analysis by Cyvers exposed additional unauthorized transactions involving BNB (Binance Coin) worth over $1 million, bringing the total stolen amount to close to $7.5 million. This second breach within six months raises serious concerns about CoinsPaid’s ability to secure user assets and underscores the ongoing challenges faced by crypto platforms in maintaining robust security measures.


The recurrence of a security breach within a six-month span for CoinsPaid highlights the critical need for heightened cybersecurity measures within the cryptocurrency industry. The sophisticated nature of the attack, involving the manipulation of various digital assets and their subsequent movement across different platforms, calls for a collective industry effort to reinforce security protocols. As the crypto landscape continues to evolve, it is imperative for companies like CoinsPaid to prioritize and invest in robust security infrastructure to protect both their platforms and the trust of their users. This incident serves as a stark reminder of the importance of proactive cybersecurity measures in the ever-expanding world of digital assets.

Categorized in: