IRA Financial, a platform for managing retirement investments, boasts of being “the first self-directed IRA company to allow their clients to invest in cryptocurrencies, such as Bitcoin, directly via a cryptocurrency exchange”. Unfortunately, they were probably also the first to have that feature exploited, when an administrator account was apparently compromised and users’ funds were transferred out of their connected Gemini accounts. Two days later, IRA Financial publicly acknowledged “suspicious activity that has affected a limited subset of our customers with accounts on the Gemini cryptocurrency exchange”. The stolen funds, taken in a mix of Ethereum and Bitcoin, amounted to around $36 million.

Total loss estimated at $36,000,000.