Indian cryptocurrency exchange CoinDCX has confirmed a security breach resulting in the loss of approximately $44 million (₹368 crore) in digital assets. The breach, which occurred early Saturday, July 19, 2025, targeted one of the company's internal operational accounts used for liquidity provisioning on a partner exchange.

CoinDCX assured users that customer funds held in cold wallets or primary customer accounts were not affected. The company emphasized that the compromised account was a non-custodial internal account and did not store any customer assets. CoinDCX also stated it would fully compensate the loss using its internal treasury reserves.

According to CoinDCX's First Incident Report, their security systems detected unauthorized access to one of its accounts on a partner exchange around 4 AM IST on July 19. Sumit Gupta, Co-founder of CoinDCX, addressed the situation on social media, explaining that the breach was due to a "sophisticated server breach" targeting an internal wallet. He confirmed that the CoinDCX wallets used to store customer assets were not impacted and remained safe.

Following the detection of the attack, CoinDCX temporarily paused its Web3 trading platform as a precaution but has since resumed it. Regular trading and INR withdrawals on the main crypto exchange were never stopped, and users can continue using the platform without issues. Gupta advised investors not to panic.

Blockchain forensics experts have traced the movement of the stolen funds to a complex, multi-chain laundering operation. Initial analyses suggest the attackers exfiltrated approximately 4,443 ETH and 155,830 SOL. These assets were quickly bridged from Solana to Ethereum and passed through Tornado Cash, a decentralized privacy mixer. This cross-chain laundering strategy highlights the technical sophistication of the perpetrators and the challenges in tracking stolen assets across networks. The assets were subsequently consolidated into new wallets, making real-time tracking difficult.

CoinDCX has launched a full-scale investigation in collaboration with CERT-In (India's Computer Emergency Response Team), law enforcement agencies, and leading cybersecurity firms. The exchange also intends to introduce a bug bounty program in the coming weeks to strengthen its infrastructure and encourage white-hat hacking.

The incident has sparked reactions within India's cryptocurrency community, with industry leaders and analysts calling for improved operational security and transparency. While CoinDCX's swift acknowledgment and assurance of coverage have helped mitigate immediate panic, the breach serves as a reminder of the vulnerabilities inherent in hot wallet systems and cross-chain operations. This breach marks one of the largest in India's crypto sector since the $235 million WazirX hack in 2024 and has reignited security concerns across the digital asset landscape.

In response to the incident, CoinDCX is taking measures to enhance its security protocols and prevent future breaches. The company is working with cybersecurity experts and exchange partners to investigate the attack and recover the stolen assets.