Cryptocurrency custodial platforms—particularly centralized exchanges (CEXs) and lending services—have experienced a number of significant failures over the past decade. Users who entrusted their digital assets to these third-party services often faced considerable financial losses, with recovery efforts varying widely.

In this article, we review several impactful incidents from 2015–2025 that illustrate how hacks, fraud schemes, and managerial collapses have led to user funds being compromised. Each event described includes details such as the platform involved, the date and nature of the incident, estimated losses, the number of affected users, and subsequent outcomes or regulatory responses. These cases offer practical insights into the custodial risks within the crypto industry, serving as useful examples for anyone seeking a clearer understanding of how to safely manage and store their digital assets.

Hacks: Exchange and Wallet Breaches

Despite security improvements, hackers have repeatedly breached crypto exchanges and custodial wallets, exploiting hot wallets, leaked keys, or other vulnerabilities. Here are some of the largest hacks of the last decade:

Bybit (February 2025) – $1.4 Billion Hack

Bybit, a Dubai-based CEX, suffered the largest crypto theft in history in February 2025. Hackers exploited a flaw in Bybit’s wallet infrastructure – manipulating a multisig cold-wallet transfer – to steal 400,000 ETH (worth about $1.4 billion) in minutes. The breach targeted what was supposed to be an offline cold wallet, revealing a sophisticated vulnerability in the exchange’s key management. Bybit’s CEO acknowledged the attack immediately and pledged to cover all user losses from the company treasury. In the aftermath, Bybit offered a bounty to recover funds and worked with global law enforcement. U.S. authorities attributed the hack to North Korean Lazarus Group operatives, charging them days later.

• User Impact: Bybit held ~$20 billion in client assets at the time, and users’ ETH withdrawals were frozen during the incident. However, since Bybit committed to fully reimburse customers, users were ultimately made whole, and the platform continued operations under heightened security.

Coincheck (January 2018) – $534 Million Hack

Japan’s Coincheck exchange was hit by an enormous hack on January 26, 2018, in which 523 million NEM (XEM) tokens (worth about $530 million) were stolen from its hot wallets. At the time, this was the largest crypto theft ever recorded, even exceeding Mt. Gox’s 2014 loss. The attackers infiltrated Coincheck’s network in the early hours and siphoned out the XEM over 8 hours before the breach was noticed. The funds were not secured in cold storage, making them an easy target. Coincheck responded by freezing all asset withdrawals to prevent further losses. Initially, executives warned they might be unable to fully reimburse customers, raising fears of another exchange collapse. Japanese regulators intervened, and remarkably Coincheck later announced it would repay all 260,000 affected users using its own capital. Within weeks, Coincheck was acquired by the Monex Group, and it did compensate users at a fixed rate per XEM.

• User Impact: ~260k users lost funds in the hack, but they were fully refunded in JPY a few months later. The incident prompted stricter exchange licensing and self-regulatory standards in Japan.

Bitfinex (August 2016) – $72 Million Hack

In August 2016, Bitfinex – then one of the world’s largest Bitcoin exchanges – was hacked for 119,756 BTC (worth about $72 million at the time). The breach exploited a vulnerability in Bitfinex’s multisignature wallet architecture (co-managed by BitGo), allowing hackers to initiate over 2,000 unauthorized BTC transfers. Rather than declare bankruptcy, Bitfinex took the unprecedented step of “socializing” the loss across all users: every customer’s account balance was reduced by 36% to cover the ~$72M hole, even those who didn’t hold BTC. In exchange, users received BFX tokens – IOUs representing the debt – which could later be redeemed for $1 each or converted into equity of Bitfinex’s parent company. Over the next eight months, Bitfinex gradually bought back and fully redeemed all BFX tokens by April 2017, making customers whole (albeit in USD equivalent, not Bitcoin).

• User Impact: Thousands of Bitfinex users initially suffered a 36% loss on their assets. Confidence was severely shaken, but the creative compensation plan and subsequent recovery of funds (including a 2022 U.S. government seizure of 94,000 BTC from the hack) eventually mitigated the damage. Bitfinex survived and overhauled its security, but the hack underscored the contagion risk of shared custody.

Other major exchange hacks in the 2015–2025 era include the KuCoin hack (Sept 2020, $281M), WazirX hack (2024, $230M), BitMart hack (Dec 2021, $196M), and BitGrail’s Nano hack (Feb 2018, $170M). In many cases, exchanges covered some or all user losses, but not without causing panic and service disruptions.

Fraud/Scams: Ponzi Schemes and Insider Theft

Not all losses were due to external hackers – some platforms collapsed because of internal fraud, Ponzi schemes, or outright scams. These cases often affected an even greater number of users and amounts, with little hope of recovery:

OneCoin (2014–2017) – $4 Billion Ponzi Scheme

OneCoin stands as one of the largest crypto-related frauds ever, bilking millions of people out of over $4 billion. Founded in 2014 by Ruja Ignatova in Bulgaria, OneCoin was marketed as a revolutionary cryptocurrency and sold through a global multi-level marketing network. In reality, there was no real blockchain – OneCoin was a classic Ponzi/pyramid scheme dressed up in crypto hype. Promoters misled investors with promises of guaranteed returns and a “Bitcoin killer” coin, while OneCoin Ltd. simply collected money and issued fake account balances. The scheme peaked around 2016 before collapsing in 2017 when Ignatova disappeared (earning her the moniker “Cryptoqueen”).

• User Impact: OneCoin drew in millions of victims worldwide from 2014–2016. Investors were left with nothing – OneCoins could not be traded or redeemed – resulting in total losses exceeding $4 billion. Afterward, U.S. prosecutors charged OneCoin’s leaders: co-founder Sebastian Greenwood pleaded guilty and in 2023 was sentenced to 20 years in prison. Ruja Ignatova remains a fugitive on the FBI’s Most Wanted list. Virtually none of the stolen funds have been recovered, exemplifying the extreme risk of centralized “too good to be true” crypto schemes.

PlusToken (2018–2019) – $2–3 Billion Wallet Scam

PlusToken was a massive Ponzi scheme primarily targeting investors in China and South Korea under the guise of a high-yield crypto wallet. Launched in mid-2018, PlusToken promised users lucrative “interest” returns if they deposited Bitcoin, Ethereum, and other cryptocurrencies into the PlusToken app. By the time the scam unravelled in mid-2019, an estimated $2 billion to $2.9 billion worth of cryptocurrency had been taken from investors. At its height, PlusToken claimed to have over 2.6 million members, making it one of the largest crypto Ponzi schemes globally. In June 2019, several core operators were arrested, and by 2020 Chinese authorities had arrested a total of 109 individuals involved.

• User Impact: The scheme’s collapse left hundreds of thousands (if not millions) of mainly Chinese retail investors with heavy losses, as the token’s promised rewards evaporated. PlusToken’s operators allegedly liquidated large amounts of the stolen crypto via OTC brokers, which may have even impacted Bitcoin’s price in late 2019. In late 2020, Chinese courts convicted multiple PlusToken ringleaders, issuing prison sentences of up to 11 years. Authorities reportedly seized a portion of the scam’s crypto haul, but those proceeds were confiscated by the state – victims themselves saw no restitution.

BitConnect (2016–2018) – $3.5 Billion Lending Scam

BitConnect was a high-profile cryptocurrency lending platform that collapsed in January 2018, inflicting huge losses on investors. Launched in 2016, BitConnect issued its own token (BCC) and advertised a trading “bot” that would generate outsized daily returns (often 1% or more). Users were encouraged to “lend” Bitcoin in exchange for interest paid in BCC, which they could reinvest – a classic Ponzi structure. The scheme imploded almost overnight: after regulators in Texas and North Carolina issued cease-and-desist orders, BitConnect shut down its lending program on January 16, 2018, and the BCC token’s price plummeted ~90%. Early investors who cashed out made profits, but those who held BCC lost almost everything. According to later estimates, BitConnect’s crash cost investors around $3.5 billion in total.

• User Impact: BitConnect was a global phenomenon, heavily promoted on YouTube and social media, so victims spanned numerous countries. No official user count is available, but the scale of losses (billions of dollars) indicates hundreds of thousands of investors were likely affected. In 2021, the U.S. SEC and DOJ charged BitConnect’s founder and promoters, alleging it was a gargantuan fraud. Several promoters pleaded guilty to criminal charges. However, recovery for victims has been minimal – BitConnect’s anonymous founder remains at large, and most lost funds were never traced.

Thodex (April 2021) – $2 Billion Exchange Exit Scam

Thodex was a Turkish cryptocurrency exchange that carried out an alleged exit scam in April 2021, stranding hundreds of thousands of users. The platform abruptly halted trading and withdrawals, citing a supposed outside investment and “maintenance,” but it soon became clear that Thodex’s founder, Faruk Fatih Özer, had fled the country with the money. Initial reports indicated that Özer absconded with up to $2 billion in user funds, affecting approximately 390,000 active users who suddenly lost access to their accounts. Turkish authorities reacted swiftly: dozens of Thodex employees and family members were detained, and Interpol issued a red notice for Özer. In 2022, Özer was arrested in Albania and extradited back to Turkey.

• User Impact: Thodex’s collapse was devastating to the Turkish crypto community. Many of the 390k users had used crypto as a hedge against the declining lira, only to lose their savings in the scam. After legal proceedings, Turkish courts delivered a symbolic judgment – in Sept 2023 Özer and his two siblings were each sentenced to 11,196 years in prison for fraud and other crimes. However, the actual scale of losses turned out to be contested: prosecutors could only verify about 356 million lira (~$43 million) in losses based on complaints, far less than the initially reported $2 billion. Regardless of the exact figure, Thodex users have recovered virtually none of their assets. The Thodex fiasco – alongside a second Turkish exchange (Vebitcoin) that collapsed days later – underscored the extreme risks of unregulated exchanges.

Mismanagement & Insolvency: Collapses from Within

Not all custodial failures involve overt crime or hacks – some platforms failed due to mismanagement, risky bets, or lack of internal controls. These collapses often caught users by surprise and left billions in losses:

FTX (November 2022) – ~$8 Billion Exchange Collapse

FTX, once the world’s third-largest crypto exchange by volume, imploded in a matter of days in November 2022 in one of the most shocking financial collapses in crypto history. Founded by Sam Bankman-Fried (SBF), FTX grew rapidly from 2019 to 2022, but behind the scenes, customer deposits were being misused to cover risky bets at SBF’s hedge fund, Alameda Research. A liquidity crisis triggered by revelations of this intermingling led to a run on FTX in early November 2022. When the music stopped, FTX had an $8 billion hole in its balance sheet – customer funds that were missing or spent. The firm filed for bankruptcy on Nov 11, 2022, leaving over one million users worldwide unable to withdraw their money. An estimated $8–$10 billion of customer assets were lost in the meltdown. To make matters worse, within hours of the bankruptcy filing, FTX was hit by an apparent insider hack draining another $477 million from its wallets.

• User Impact: The ~1.1 million FTX creditors (mostly users) face a lengthy bankruptcy process, with uncertain recovery. As of 2024, the new CEO (John J. Ray III) has managed to locate some assets, and the estate has hinted at partial customer repayments, but likely only a fraction of the missing $8–$10B. SBF was convicted of fraud for effectively embezzling customer funds and in 2023 was sentenced to 25 years in prison. FTX’s collapse – likened to “old-fashioned embezzlement” by its liquidators – sent shockwaves through the crypto market, reinforcing the mantra: “Not your keys, not your coins.”

Celsius Network (June–July 2022) – $4.7 Billion Lending Platform Failure

Celsius Network was a major crypto lending and interest-bearing platform that failed in mid-2022 due to risky investments and alleged fraud by executives. Celsius took in user deposits (crypto assets) and promised high yields, effectively acting like an unregulated crypto bank. In June 2022, amid plummeting crypto prices and rumors of insolvency, Celsius froze all withdrawals, trapping users’ funds on the platform. One month later, in July 2022, Celsius filed for Chapter 11 bankruptcy, revealing a $1.2 billion hole in its balance sheet (with $5.5B in liabilities vs. $4.3B in assets). Court filings showed Celsius owed about $4.7 billion to its users, who were listed as unsecured creditors in the bankruptcy. Over 600,000 accounts were impacted, many of them retail investors who had entrusted their savings to Celsius’s “Earn” program.

• User Impact: Around 600k depositors found their crypto accounts locked, collectively worth ~$4.7B. Customers have endured a prolonged bankruptcy process: a portion of funds (those in custodial accounts) have been approved for return, but most users (especially Earn interest account holders) are expected to get back only a fraction of their deposits. Investigations by U.S. authorities revealed that Celsius’s management had misrepresented risks, operated a ponzi-like scheme to prop up its CEL token price, and made enormous unsecured loans. In July 2023, Celsius’s CEO Alex Mashinsky was arrested and charged with fraud, and in 2023–2024 Celsius reached settlements with regulators (including a $4.7B settlement with the FTC, to be largely returned to users). As of early 2025, Celsius’s restructuring plan is underway (acquisition by Fahrenheit Holdings), and creditors may recover somewhere around 50–70% of their assets in liquid crypto over time – a better outcome than FTX, but still a massive loss and cautionary tale for lenders.

QuadrigaCX (2019) – $190 Million Lost to CEO’s Death and Mismanagement

QuadrigaCX was once Canada’s largest cryptocurrency exchange, but its sudden collapse in early 2019 left 115,000 users out of pocket and spawned a mystery that gripped the crypto world. In January 2019, QuadrigaCX announced that its 30-year-old founder and CEO, Gerald Cotten, had died the month before – and with him, access to the exchange’s cold wallets allegedly containing around C$180 million (US$135M) in crypto. The company had no other executives or access to the keys, meaning customers’ Bitcoin, Ether, and other assets were supposedly locked beyond reach. Quadriga went offline and into creditor protection, revealing it owed users approximately C$250 million (about US$190M at the time, including both crypto and fiat balances).

• User Impact: For the ~115k affected users, the outcome has been grim. Investigations by Ernst & Young (the bankruptcy trustee) found Quadriga had no identifiable cold reserves – Cotten had in fact been operating Quadriga like a fractional reserve and trading with customer funds for years. By the time of his death (or alleged death, as some suspect foul play), most of the money was already gone due to Cotten’s lavish spending and trading losses. Bankruptcy proceedings recovered only a small fraction of assets (roughly 13–20% of claims). In 2020, an audit report concluded that Cotten had defrauded users and that Quadriga was effectively a Ponzi scheme in its final years. Cotten’s widow agreed to surrender about $12M in personal assets to the estate – a drop in the bucket. Ultimately, users received only partial repayments of their account balances, and many questions remain unanswered. QuadrigaCX’s collapse underscored the peril of a company hinging on a single person’s honesty and life – a “single point of failure” writ large.

In Conclusion…

These cases illustrate the spectrum of risks posed by custodial crypto platforms. Whether through criminal hacks, fraudulent schemes, or reckless management, each incident led to substantial losses for users who had entrusted a third party with their digital assets.

While some platforms reimbursed customers or legal processes are still ongoing, many victims saw only a fraction of their funds returned – if anything at all. For cryptocurrency users, these events serve as a stark reminder: holding assets on a custodial exchange or service introduces significant counterparty risk.

The landscape in 2025 is gradually improving (with stronger regulations and industry security standards), but the legacy of these failures continues to influence how crypto investors approach trust and storage of their wealth.