On July, 31st 2020 at 18:00 CEST, 2gether suffered a cyber-attack at the hands of hackers who stole 114 BTC and 281 ETH worth a combined €1.18 million—which at current value amounts to an estimated €2.9 million—from users’ investment accounts. In upholding the integrity of the platform and the company’s values, 2gether created a two-pronged plan to deal with the consequences of the attack.
To raise the capital to execute the plan, 2gether worked with the community, private investors, and partners to generate an equity crowdfunding round, which closed at the legal maximum of €1.5M and 125 percent of its target. The funds raised in the latest round will go toward strengthening the company’s security, risk management, and coverage model.
First, 2gether offered all those affected by the hack immediate compensation for the loss in 2GT, the company’s utility token, and company equity. The company then prioritized replenishing the accounts of the users who lost their assets and was able to compensate 91 percent of its users in full in BTC and ETH following the crowdfunding campaign.
The remaining nine percent with the highest total value of crypto in their accounts are compensated with the best possible solution for each of them—a solution that includes at least the value in euros at the time of the cyber-attack and, in most cases, exceeds that value. Users in the nine percent cohort have two different options for compensation.
They can accept 2gether’s initial offer for the value of their lost assets in euros at the time of the attack or submit an appeal for a different compensation package. In the event of an appeal, they would wait to receive their compensation for the exact crypto assets that were stolen, at a later date.
Second, since the day of the cyberattack, 2gether is executing its plan to integrate stronger security protocols to ensure such an incident is never repeated. To achieve this, the company is utilizing a variety of cybersecurity pillars, including:
- Restructured and reengineered frameworks: Reorganized user funds to limit attack perimeters; reengineered databases to avoid personal data leaks; streamlined transactional processes; and restricted permissions and revised policies and procedures.
- Cyber wall defenses: Upgraded the antivirus to a top three in its industry endpoint detection and response (EDR) software, and upgraded firewalls, VPNs, and strong customer authentication.
- Insurance reinforcement: Reviewed risk management frameworks and created a coverage model to prepare for potential future attacks, including the negotiation for cyber insurance on international markets.
- Resources boost: Increased resources on key risk management areas, including CISO, systems management, and DevOps.
“Despite the challenges of managing a cyber attack on our platform, 2gether is proud that it compensated its users in the assets that they lost to ensure they don’t lose momentum on the rising value of crypto. Furthermore, boosting our security protocols and reevaluating our internal frameworks will minimize the likelihood of any future cyber attacks.”
– Ramon Ferraz, CEO of 2gether
Read Ramon’s letter to the community here.
