Third-party data breaches have exploded. The problem? Companies, including cryptocurrency exchanges, don’t know how to protect against them. When exchanges sign new vendors, most just innately expect that their vendors employ the same level of scrutiny as they do. Others don’t consider it at all. In today’s age, it isn’t just a good practice to test for vulnerabilities down the supply chain — it is absolutely necessary.
Many exchanges are backed by international financiers and those new to financial technologies. Many are even new to technology altogether, instead backed by venture capitalists looking to get their feet wet in a burgeoning industry. In and of itself, that isn’t necessarily a problem. However, firms that haven’t grown up in the fintech arena often don’t fully grasp the extent of the security risks inherently involved in being a custodian of hundreds of millions of dollars in digital assets.
We’ve seen what happens in the face of inadequate security, which goes beyond vendor management and stretches into cross-chain bridges. Just in October, Binance faced a bridge hack worth nine figures. Then there’s also the Wormhole bridge hack, another nine-figure breach. The Ronin bridge hack resulted in the loss of well over a half billion dollars in assets.
In fact, a new report indicates that over a two-year period, more than $2.5 billion in assets was stolen thanks to cross-chain bridge hacks, dwarfing the losses associated with breaches related to decentralized finance lending and decentralized exchanges combined.
Third-party breaches aren’t just a problem for the crypto industry, though, and they certainly aren’t confined to small players. Earlier this year, the New York City school system had a breach involving a
Read more on cointelegraph.com