⚠️OKX Confirms User Accounts Drained via Identity Theft
🙀 In a post-mortem on X, #OKX revealed that a hacker used forged "judicial documents" to obtain personal information of "very few" users. This breach came to light after two users reported their accounts had been compromised and drained.
🔎 Blockchain security firm SlowMist noted that new #API keys were created after users received risk notification SMS texts from #HongKong .
🛡 Web3 security group Dilation Effect claimed attackers exploited a loophole allowing users to turn off Google Authentication or phone verification without a 24-hour withdrawal halt. OKX, however, rebutted this, stating the incident was unrelated to Google Authenticator or SMS verification.
👀 OKX assured users that affected accounts have been fully compensated and the matter is under investigation.
