CoinTiger

On July 1, 2019, CoinTiger, a Singapore-based cryptocurrency exchange, suffered a cold wallet breach, resulting in the theft of 401,981,748 PTT tokens (valued at ~$9.2 million at 0.023 RMB per PTT on August 28, 2019), as reported by ChainDD. Disclosed on August 17, 2019, after 47 days, the attack likely involved a compromised private key, as the wallet lacked multi-signature security, per PeckShield’s analysis. Hackers moved 120 million PTT to market, with 280 million frozen by the Proton Chain (PTT) project, per the article. CoinTiger, with $200 million daily trading volume per CoinGecko, closed PTT withdrawals but kept trading open, freezing user funds, leaving only 37 million PTT in its hot wallet, insufficient for repayments, per ChainDD. No compensation plan was implemented; CoinTiger proposed a contract upgrade to map 280 million frozen PTT to a new token, which PTT’s project rejected, citing high costs and market disruption, per the article.

Investors formed rights groups, and PTT issued warnings against CoinTiger trading, per Twitter (@ProtonChain). Other ERC20 tokens (REP, BETHER, OLE, YEE) worth $69,700 were also stolen, per PeckShield. One of 175 crypto hacks in 2019 costing $4.5 billion, per Chainalysis, this incident, alongside Cryptopia’s $16 million loss, highlighted single-key wallet risks, fueling calls for multi-signature wallets, transparent incident reporting, and robust cold storage protocols to secure exchanges.