Cointime

Download App
iOS & Android

Crypto Stolen? 15 Steps to Take After a Cryptocurrency Account Hack

Cointime Official

From Dilendorf Law Firm By: Max Dilendorf, Esq.

If your crypto exchange account has been hacked and funds stolen, you need to act fast. These steps will help you protect your assets, document the breach, and take the necessary actions to pursue recovery:

  1. Secure Your Devices and Accounts.

Protect every device you own. Update antivirus software, install the latest security patches, and immediately change all your passwords. Lock your credit reports to prevent unauthorized activity. Call your phone carrier to confirm your phone is secure and add a PIN for extra security.

  1. Notify the Exchange Immediately.

Reach out to the exchange right away. Provide the blockchain wallet address where your funds were transferred and request that they freeze the wallet, monitor its activity, and seize the funds if they reach an onramp. While the chances of the exchange acting are nearly zero, this step is crucial for building a record and improving your odds of recovery later.

  1. Don’t Blame Yourself.

These attacks are highly sophisticated, often carried out by organized criminal syndicates or state-sponsored actors. In 2023 alone, the FBI reported $5.6 billion in stolen cryptocurrency. Remember, your crypto exchange is your first and last line of defense to protect and safeguard your assets. Focus on taking action, not on self-blame.

  1. Preserve and Document All Evidence.

Keep a detailed record of everything related to the breach. Save emails, call logs, screenshots, transaction records, and any communication with the exchange. This evidence will be crucial for arbitration, legal proceedings, or any attempts at recovery.

  1. File an FBI IC3 Report.

Submit a report to the FBI’s Internet Crime Complaint Center (IC3). The online process takes about five minutes. While the odds of the FBI acting on your case are slim due to backlogs and resource constraints, filing the report is essential. You’ll need it for tax purposes and to support your arbitration claim.

  1. Provide Formal Notice to the Exchange.

If the exchange is liable for transferring your funds to unauthorized individuals during an account takeover (ATO), you must provide formal notice under the terms of the user agreement. For Coinbase, this requires a 45-business-day notice before you can file an arbitration claim. For Gemini, the notice period is 60 days. Meeting these deadlines is critical to preserving your rights.

  1. Understand Exchange Liability.

Under Coinbase’s user agreement, for example, the company is not responsible for thefts on its platform. The risk of loss falls entirely on the customer, and the company disclaims liability if your credentials are compromised and funds are stolen.

However, the customer may still have rights under the Electronic Fund Transfer Act (EFTA), which provides protections for unauthorized electronic transfers. This federal law could provide a pathway to recover stolen funds, so it’s important to determine if your situation qualifies under its provisions.

  1. File Complaints with Regulatory Authorities.

If you believe the exchange is at fault for transferring your funds without authorization during an account takeover (ATO), file complaints with the appropriate authorities. This includes local banking regulators overseeing the exchange, local consumer protection agencies, and federal agencies such as the CFPB and CFTC. If the exchange is licensed in New York, file a complaint with the New York Department of Financial Services (NYDFS), which regulates virtual currency businesses. These complaints help establish your case and bring regulatory attention to the incident.

  1. Begin Arbitration Demand After the Notice Period.

Once the formal notice period required by the user agreement has passed—typically 45 business days for Coinbase or 60 days for Gemini—you can file an arbitration demand against the exchange. The arbitration will be handled by a designated forum, such as AAANAM, or JAMS, as specified in your user agreement. Carefully review the agreement to confirm where your case will be heard. Arbitration is the next step in pursuing recovery.

  1. Engage Professional Legal Assistance.

It is highly recommended to involve an experienced attorney in your case. Arbitration heavily favors exchanges due to the terms of their user agreements, which often disclaim liability for thefts and require customers to use the platform on an “as-is” basis with no representations or warranties. Without professional legal support, consumers are at a significant disadvantage in these proceedings. An attorney can help level the playing field and ensure your claims are properly presented.

  1. Hire a Blockchain Forensics Firm.

Contract a professional blockchain forensics firm to trace where your stolen funds were sent. These firms specialize in tracking blockchain transactions and can identify wallets involved. In some cases, they may assist in working with exchanges or authorities to recover your assets.

  1. Prepare Your Arbitration Demand Carefully.

Your arbitration demand must include all applicable claims and adhere to the statute of limitations. Missing critical details or deadlines could weaken or void your case.

  1. File an Arbitration Demand.

After filing your arbitration demand, expect the process to take 9 to 12 months. This will include depositions, testimony from expert witnesses, discovery motions, and a final evidentiary hearing lasting up to five days. Arbitration is typically conducted online, with all parties, arbitrators, company representatives, and experts participating remotely. Be prepared for a detailed and lengthy process.

  1. Choose a Skilled Arbitrator.

Request a list of five arbitrators and carefully review their qualifications. Select one with expertise in cybersecurity claims and a reputation for fairness to consumers. The arbitrator’s experience and approach can play a critical role in the outcome of your case.

  1. Understand the Finality and Confidentiality of Arbitration.

Arbitration decisions are final and cannot be appealed, except in exceptional circumstances, such as proven arbitrator bias. The proceedings are confidential and bound by a protective order required by the exchange. These cases never reach the public eye—exchanges actively ensure that thefts on their platforms remain hidden from both the public and regulators.

Resources:

Comments

All Comments

Recommended for you

  • Michael Saylor Releases New Bitcoin Tracker Information

    On July 5, Strategy founder Michael Saylor released new information regarding the Bitcoin Tracker. He stated, 'Bitcoin is digital energy.' Following previous patterns, Strategy typically discloses information about increasing Bitcoin holdings the day after related announcements.

  • BTC Falls Below $63,000

    Market data shows that BTC has fallen below $63,000, currently priced at $62,978.8, with a 24-hour increase of 0.24%. The market is experiencing significant volatility, so please ensure proper risk management.

  • Vitalik: Ethereum to Complete Major Third Iteration in Next 5 Years, Quantum Resistance and Privacy as Primary Goals

    On July 5, Vitalik Buterin announced that Ethereum researchers finalized the 'Streamlined Ethereum' roadmap during a conference in Berlin. This is not a one-time upgrade but a series of forks over the next 3 to 4 years (starting from 'I-star'), which will mark the third major era of Ethereum, almost replacing all core components. Core changes include: verification shifting from direct execution to recursive STARK; consensus introducing 1-2 rounds of finality for faster and safer transactions; multi-dimensional Gas pricing; and a complete replacement of existing solutions with quantum-resistant cryptography. The most disruptive change is the state model—current dynamic states only expand to about 2TB, while introducing new scalable states like UTXO and circular buffers, with a total scale reaching up to 100TB, suitable for ERC20/NFT/DeFi, potentially reducing transaction fees by over 10 times after the rewrite; complex applications (like Uniswap pools) will retain the old state without mandatory migration. However, the issue of who will store the 100TB state and the associated incentives has become a new focus of research. Privacy upgrades are now a primary design goal, with all new components needing to support quantum-resistant, intermediary-free privacy transactions. Formal verification will be fully implemented, and there is exploration into introducing RISC-V or leanISA as the underlying VM for the protocol, with EVM potentially becoming a feature at the compilation layer in the future. In terms of scalability metrics, Gas limits, Blob capacity, and block times will be increased multiple times over the next 5 years, with the Glasterdam fork set to significantly raise Gas limits first. In the order of forks, H-star (Hegota) will be the last 'pre-streamlined' fork, after which Ethereum will fully enter the streamlined era. Through this complex yet smooth transition, Ethereum is moving towards a quantum-resistant, massively scalable, privacy-first new network while maximizing the protection of existing applications. This cautious disruption over the next five years has officially begun.

  • ETH Surpasses $1800

    Market data shows that ETH has surpassed $1800, currently priced at $1803.65, with a 24-hour increase of 3.76%. The market is experiencing significant fluctuations, so please ensure proper risk management.

  • BTC Surpasses $63,000

    Market data shows that BTC has surpassed $63,000, currently priced at $63,057.24, with a 24-hour increase of 1.18%. The market is experiencing significant volatility, so please ensure proper risk management.

  • Bank of England Governor Bailey to Speak on Fiscal and Monetary Policy Coordination in Ten Minutes

    Bank of England Governor Bailey will deliver a speech on the issue of coordination between fiscal and monetary policy in ten minutes.

  • Solana Achieves $4.84 Billion in Spot Trading Volume for Tokenized Stocks This Quarter

    On July 3, it was reported that Solana broke multiple records in trading, revenue, and trading volume in the second quarter of 2026. In the tokenized stock sector, Solana's spot trading volume reached $4.84 billion this quarter, capturing over 96% market share. This volume far exceeded that of all other blockchains combined, marking the fourth consecutive quarter that Solana has led this sector, solidifying its dominant position. In terms of decentralized application revenue, the total dApp revenue for this quarter was $257 million, maintaining its lead over all Layer 1 and Layer 2 blockchains for the ninth consecutive quarter. Despite competitive pressure from peers, the enthusiasm of ecosystem developers and actual user demand remains strong. On-chain trading activity has surged, with daily, weekly, and monthly trading volumes all hitting new highs. The total number of non-voting transactions for the quarter approached 9.8 billion, with the overall network transaction volume rising to 59%, reaching an eleven-month high. The perpetual futures trading scale has seen a significant surge, with nominal trading volume for the quarter reaching $183 billion. GMTrade, Pacifica, and Jupiter were the main sources of trading volume, with GMTrade showing impressive growth in asset locking, cumulative trading volume, and protocol fees. The Phoenix platform also gained market recognition with its new features. Meanwhile, the Solana Foundation has proactively reduced its staking holdings, with the staking scale dropping to 4.92% of the total network staking, aiming to weaken its control over network validation and promote the decentralized and mature development of the validator ecosystem. Overall, even though the market is generally perceived to be at the bottom of a bear cycle, Solana's various innovative businesses and fundamental on-chain data are rising against the trend. If this quarter indeed marks the low point of the current market cycle, the existing performance will lay a solid foundation for long-term growth. The article also briefly mentions developments related to Solana's on-chain governance, the Grass rewards controversy, and future plans of the foundation's executives.

  • Venezuela's Largest Oil Refinery Resumes Operations

    On July 3, three sources reported that Venezuela's largest refinery, the Amuay refinery with a processing capacity of 645,000 barrels per day, has resumed operations after a power outage on Friday. It is currently processing approximately 140,000 barrels per day of crude oil, and the fluid catalytic cracking unit (FCC) has also restarted. Following two earthquakes last week that caused significant casualties, several refineries in Venezuela were affected by power outages. Additionally, sources indicated that the El Palito refinery, with a processing capacity of 146,000 barrels per day, has regained power, but staff have not yet been able to restart the production units.

  • US Bitcoin ETF Sees Net Outflow of 588 BTC Today, Ethereum ETF Records Net Inflow of 6,105 ETH

    According to monitoring by Lookonchain, today the US Bitcoin ETF experienced a net outflow of 588 BTC, with a total net outflow of 22,189 BTC over the past seven days. Meanwhile, the Ethereum ETF recorded a net inflow of 6,105 ETH, with a net outflow of 1,915 ETH over the past seven days.

  • US Stock Market Closed on July 3rd (Friday)

    On July 3rd, the US stock market will be closed for one day in observance of the Independence Day holiday.