Crypto Breaches and Fraud

Table of Contents
Crypto Breaches

How has the number of security breaches and fraud involving crypto changed over the last ten years?

As cryptocurrency has grown in popularity, crypto-related crimes have also been on the rise as we showcased in our Crypto Crimes report earlier this year.

In particular, the number of exchanges and currencies that are being targeted by hackers stealing coins has increased, as many crypto and blockchain technologies are still in their infancy so they can be more easily exploited.

So, how have the number of crypto breaches and fraud offences changed over the last decade, which have been the biggest, and how do they vary between different countries and currencies?

The most valuable crypto breaches and fraud

Valuable Crypto Breaches
  1. OneCoin – $4 billion

The biggest crypto offence to date was the OneCoin Ponzi scheme, which was promoted as a new cryptocurrency and has been dubbed one of the biggest scams of all time.

The founder, Ruja Ignatova, disappeared in 2017 and has yet to be found, although many others have been arrested in connection with the scheme and US authorities state that the scheme defrauded investors of $4 billion.

  1. Plus Token Ponzi – $2.9 billion

The PlusToken Ponzi scheme mainly affected investors in China and South Korea and saw an estimated $2.9 billion stolen.

Over 100 people were arrested in relation to the scheme and the ringleaders were recently sentenced for up to eleven years by a Chinese court.

  1. Bitconnect – $2.6 billion

Not all crypto breaches relate to hackers gaining access to funds, as was the case with Bitconnect, which was linked with a Ponzi scheme and guaranteed unrealistically high returns, eventually scamming investors out of $2.6 billion.

How much have crypto breaches and fraud increased?

Crypto Fraud and Breaches Increases

Between 2011 and 2021 there have been 208 notable crypto offences, with a total of $19.2 billion being stolen in that time.

In 2011 there were nine offenses, with over $9 million being taken, but this number had almost doubled by 2013 and grew to as many as 38 in 2020 and 32 so far in 2021, showing how rapidly offences are increasing.

While 2021 looks set to be the year with the highest number of offences, 2017 was the year that saw hackers make the most money, stealing highs of $4.7 billion in total and $223.5 million on average.

As hackers and their technology become more sophisticated, it’s clear that breaches are an increasingly big concern for the crypto world.

The most commonly targeted currencies

Targeted Currencies

Across 208 breaches, 59 different cryptocurrencies were stolen, with Bitcoin being the most commonly targeted as it was involved in just over a third of breaches, with 94 over the last decade.

As the most popular cryptocurrency in the world, it’s not too surprising that Bitcoin is the most stolen. The second-most popular coin, Ethereum, is the second-most targeted, with 36 breaches making up 12.8% of the total breaches of the decade.

The most common types of crypto offence

Common Offences

The most common type of attack is breaches of wallets and exchanges, with 126 in the last ten years, which is far more than offences involving DeFi attacks and fraud (both 41).

The largest of these breaches to date saw Mt. Gox have $615 million stolen over the years, leading to the platform ultimately becoming insolvent in 2014.

However, it was cases of fraud that were the most lucrative for criminals, usually seeing the perpetrators walk away with big sums.

The average crypto fraud incident saw $365 million stolen (over 14 times as much as breaches), while just under $15 billion has been stolen in total via fraud since 2011.

However, the number of DeFi (decentralised finance) breaches is on the increase, with this new technology more open to potential weaknesses.

The most commonly targeted countries

Targeted Countries

The vast majority of cases can’t be tied to any one country, but of those that can, the majority targeted the United States (17), followed by the United Kingdom (12), South Korea (9), Japan (7) and China (6).

But once again, it wasn’t the most targeted entities that suffered the most, as Turkey lost the highest sum through the Thodex scam, which saw $2 billion stolen, followed by Japan ($1.2 billion stolen in total) and China ($1 billion stolen in total).


The majority of data was sourced from Crystal’s Map of Security Breaches and Fraud Involving Crypto 2011-2021, supplemented with further breaches from a variety of sources and articles, including ZDNet and Selfkey.

We omitted instances where crypto had been seized by government or law enforcement authorities.