VeChain CEO Sunny Lu speaking at a conference. CoinDesk
Singapore-based VeChain Foundation has been the victim of a hack, which resulted in the loss of $6.6 million in cryptocurrency, the company announced in a blog post on 13 December.
According to the announcement, at 12:27 UTC on Friday an unknown hacker redirected around 1.1 billion VET tokens from the VeChain Foundation’s buyback wallet to a private address.
The company stated that the incident is in “no way” related to its Standard Procedure, and that it was due to a misconduct of one of the team members within its finance team.
The company wrote in the announcement:
“We have narrowed down the possibilities enough to lead to a highly probable theory. Security breach was most likely due to misconduct of one of the team members within our finance team.”
The person at fault had allegedly created the buyback account in violation of the Standard Procedure approved by the Foundation, which resulted in the auditing team not picking up on the misconduct due to human error.
The firm has also stated that the stolen funds have already been tagged and tracked, and that it is working with cybersecurity firm Hacken to restrict the tokens’ flow to multiple exchanges.
The firm also provided a link to the hacker’s address tagged on VeChainStats, which will help them instantly trace addresses interacting with the hacker’s address, and has also listed a number of measures it has taken to mitigate the incident and get clarity on the situation.
The company has also started a security investigation on other crypto assets that are under its custody, in order to prevent future breaches. The firm has not only vowed to continue monitoring the situation, but has already reported the incident to law enforcement agencies in Singapore.
VeChain is a major cryptocurrency and blockchain platform, which is designed to enhance the supply chain management and business processes. The company was launched in 2018, and serves as a supply chain tool for automakers such as BMW and Renault.