Gate responds to recent security incidents: Customer external information has been leaked, fund flows have been sorted out as a priority
Odaily Planet Daily: In response to the widely circulated "Gate was hacked for 1.7 million" incident, Gate has released a comprehensive investigation report stating that upon receiving customer feedback, Gate immediately initiated a special review mechanism, tracing and cross-verifying the entire process of this security item unbinding application. After reviewing all application materials item by item, it was confirmed that the applicant submitted proof documents highly matching the customer's account, indicating that the applicant not only had access to the customer's account information but also had prior access through external channels to the customer's real-name information, Alipay account, transaction records, and corresponding device operation permissions, and was able to successfully pass Alipay's multi-factor authentication.
Gate platform's security unbinding review mechanism strictly implements a four-layer verification process of "multi-channel advance notification + system risk control preliminary screening + manual multi-layer review + time protection," and has never passed any security item change application based on a single piece of material alone. Furthermore, the platform has mature permission controls and data leak prevention systems; the applicant submitted personal data completely and accurately, data that the platform did not previously possess, making it impossible for this incident to involve a platform data leak.
Gate has given this event the highest priority since its occurrence, promptly and comprehensively mapping out all fund flows. It has also mobilized security, compliance, legal, business, and other teams, allocating available resources to conduct on-chain analysis and asset tracking and freezing. Currently, it is continuously coordinating with Tether and other relevant third parties, advancing both the legal and operational procedures for fund freezing. Subsequent steps require continued collaboration with various platforms and the submission of necessary materials as required.
Based on the findings of this investigation, the core risk exposed by this incident is the leakage of customers' external real-name information, Alipay accounts, and device permissions, which were illegally obtained and exploited by third parties.
