From Dilendorf Law Firm By: Max Dilendorf, Esq.

If your crypto exchange account has been hacked and funds stolen, you need to act fast. These steps will help you protect your assets, document the breach, and take the necessary actions to pursue recovery:

Protect every device you own. Update antivirus software, install the latest security patches, and immediately change all your passwords. Lock your credit reports to prevent unauthorized activity. Call your phone carrier to confirm your phone is secure and add a PIN for extra security.

Reach out to the exchange right away. Provide the blockchain wallet address where your funds were transferred and request that they freeze the wallet, monitor its activity, and seize the funds if they reach an onramp. While the chances of the exchange acting are nearly zero, this step is crucial for building a record and improving your odds of recovery later.

These attacks are highly sophisticated, often carried out by organized criminal syndicates or state-sponsored actors. In 2023 alone, the FBI reported $5.6 billion in stolen cryptocurrency. Remember, your crypto exchange is your first and last line of defense to protect and safeguard your assets. Focus on taking action, not on self-blame.

Keep a detailed record of everything related to the breach. Save emails, call logs, screenshots, transaction records, and any communication with the exchange. This evidence will be crucial for arbitration, legal proceedings, or any attempts at recovery.

Submit a report to the FBI’s Internet Crime Complaint Center (IC3). The online process takes about five minutes. While the odds of the FBI acting on your case are slim due to backlogs and resource constraints, filing the report is essential. You’ll need it for tax purposes and to support your arbitration claim.

If the exchange is liable for transferring your funds to unauthorized individuals during an account takeover (ATO), you must provide formal notice under the terms of the user agreement. For Coinbase, this requires a 45-business-day notice before you can file an arbitration claim. For Gemini, the notice period is 60 days. Meeting these deadlines is critical to preserving your rights.

Under Coinbase’s user agreement, for example, the company is not responsible for thefts on its platform. The risk of loss falls entirely on the customer, and the company disclaims liability if your credentials are compromised and funds are stolen.

However, the customer may still have rights under the Electronic Fund Transfer Act (EFTA), which provides protections for unauthorized electronic transfers. This federal law could provide a pathway to recover stolen funds, so it’s important to determine if your situation qualifies under its provisions.

If you believe the exchange is at fault for transferring your funds without authorization during an account takeover (ATO), file complaints with the appropriate authorities. This includes local banking regulators overseeing the exchange, local consumer protection agencies, and federal agencies such as the CFPB and CFTC. If the exchange is licensed in New York, file a complaint with the New York Department of Financial Services (NYDFS), which regulates virtual currency businesses. These complaints help establish your case and bring regulatory attention to the incident.

Once the formal notice period required by the user agreement has passed—typically 45 business days for Coinbase or 60 days for Gemini—you can file an arbitration demand against the exchange. The arbitration will be handled by a designated forum, such as AAA, NAM, or JAMS, as specified in your user agreement. Carefully review the agreement to confirm where your case will be heard. Arbitration is the next step in pursuing recovery.

It is highly recommended to involve an experienced attorney in your case. Arbitration heavily favors exchanges due to the terms of their user agreements, which often disclaim liability for thefts and require customers to use the platform on an “as-is” basis with no representations or warranties. Without professional legal support, consumers are at a significant disadvantage in these proceedings. An attorney can help level the playing field and ensure your claims are properly presented.

Contract a professional blockchain forensics firm to trace where your stolen funds were sent. These firms specialize in tracking blockchain transactions and can identify wallets involved. In some cases, they may assist in working with exchanges or authorities to recover your assets.

Your arbitration demand must include all applicable claims and adhere to the statute of limitations. Missing critical details or deadlines could weaken or void your case.

After filing your arbitration demand, expect the process to take 9 to 12 months. This will include depositions, testimony from expert witnesses, discovery motions, and a final evidentiary hearing lasting up to five days. Arbitration is typically conducted online, with all parties, arbitrators, company representatives, and experts participating remotely. Be prepared for a detailed and lengthy process.

Request a list of five arbitrators and carefully review their qualifications. Select one with expertise in cybersecurity claims and a reputation for fairness to consumers. The arbitrator’s experience and approach can play a critical role in the outcome of your case.

Arbitration decisions are final and cannot be appealed, except in exceptional circumstances, such as proven arbitrator bias. The proceedings are confidential and bound by a protective order required by the exchange. These cases never reach the public eye—exchanges actively ensure that thefts on their platforms remain hidden from both the public and regulators.

Resources: