Floating Point Group (FPG), an institutional trading desk specializing in cryptocurrencies, recently experienced a significant cyber attack resulting in a loss of between $15 million and $20 million in digital assets.
Despite having implemented robust security measures, the firm was targeted in a breach that prompted them to suspend all trading activities and initiate an investigation with the assistance of law enforcement agencies and regulatory bodies.
FPG’s Precautions and Certification: Recognizing the potential risks associated with operating in the crypto industry, FPG had proactively engaged external auditors in December of the previous year to conduct comprehensive cybersecurity audits and penetration testing.
Their efforts paid off, resulting in the acquisition of a SOC 2 certification, which demonstrated their commitment to maintaining a secure trading environment for their institutional clients.
The Cyber Attack and Response: On Sunday, June 11, FPG discovered that it had fallen victim to a cyber attack, leading to the loss of a substantial amount of digital assets.
In response to the breach, the firm promptly took decisive action by locking all third-party accounts and securing their wallets. Fortunately, FPG’s account segregation practices helped contain the impact of the attack, limiting the overall damage caused.
Trading and Recovery Measures: To ensure the safety and security of their clients’ assets, FPG made the difficult decision to halt all trading, deposits, and withdrawals temporarily.
This precautionary measure was implemented to protect their clients and prevent any further unauthorized access to funds.
Concurrently, FPG initiated collaborations with prominent entities such as the FBI, the Department of Homeland Security, regulatory authorities, and Chainalysis—a blockchain analytics firm—to investigate the incident thoroughly and devise a plan for asset recovery.