Cryptocurrency wallet service, GateHub, announced that $10 million worth of XRP tokens had been stolen from about 90 XRP wallets, after community members informed GateHub that funds had been stolen. This prompted an internal investigation, which revealed that no suspicious logins or brute forcing was involved.
The blog post reads,
We have however detected an increased amount of API calls (with valid access tokens) coming from a small number of IP addresses which might be how the perpetrator gained access to encrypted secret keys. That, however, still doesn’t explain how the perpetrator was able to gain other required information needed to decrypt the secret keys. All access tokens were disabled on June 1st after which the suspicious API calls were stopped.
One individual, Thomas Silkjær of XRP Forensics, noticed the theft of 201,000 XRP on June 1, and subsequently contacted GateHub,
The same day we made contact to Gatehub to make them aware of the potential security breach while continuing our independent investigation and contacting exchanges where the offender appeared to have laundered money.
Law enforcement has been informed of the theft and GateHub is working with an IT forensics team to resolve the matter.