When most people imagine millions being stolen from a bank, they picture robbers stealing from a vault and fleeing with gold bars and bundles of cash. But in the increasingly digital world we live in, the biggest heists are taking place online. Hackers have had their eyes set on over $1 Billion* in the past decade from financial institutions.

So which hacks stand out from the rest? Are financial hacks the new bank heist? By finding recorded attacks against financial institutions in the last ten years, we were able to find some of the biggest online heists that have ever taken place.

Some hacks stand out above the rest, whether for the institutions being attacked or whether the attack was prevented.

1

Coincheck Crypto Heist

$534m

successfully
stolen

Noted as “the biggest theft in the history of the world”, this forced Coincheck to freeze all transactions.

2

Mt. Gox Heist

$450m

successfully stolen

The theft from Mt. Gox resulted in approximately 850,000 bitcoins being stolen from customers, leading to the eventual bankruptcy and closure of the exchange in 2014. The thefts spanned from 2011 to 2014.**

3

Malaysian Central Bank
Attempted SWIFT Heist

$390m

failed attempt

Using an interbank communication system, hackers attempted to transfer the sum to a different bank, into untraceable accounts. The attempt failed.

The World’s Biggest Financial Hacks Ranked

Rank

Nickname / Name

Date of

Location

Group/Individual

Cost

Status

Crypto

Target

One large issue law enforcement has with large scale financial hacks is the level of anonymity granted to hackers, as they can make these attacks from anywhere in the world. The majority of these instances result in the hackers remaining entirely anonymous, although there are a large number of DPRK attacks that have been identified by security groups around the world.

Group/Individual

Number of Hacks

Number of Hacks (%)

82% of the hacks were successful, with a majority of the thieves remaining unknown. Hackers are far harder to trace than physical robbers, as they can gain access to banks and crypto exchanges as long as they’re connected to the internet.

Methodology

We combined multiple sources to find the biggest online attacks against financial institutions that resulted in money being directly stolen by the hackers. We looked at the last 10 years of data to find how much was stolen, who it was stolen by and exactly who the targets were.

*Some funds can be blocked from being transferred, and in some cases the money can be recovered.

**Mt.Gox had continual heists from 2011 to 2014, but the grand total is displayed.