Jesse Powell, the CEO of a major crypto exchange Kraken, warned users of digital assets to not store funds on trading platforms.
The warning of Powell follows a high profile security breach suffered by Cryptopia, a New Zealand-based crypto exchange known for its listing of a wide range of small market cap tokens.
Any application or platform connected to the internet by nature is hackable. In essence, centrally operated crypto exchanges are similar to banks in that they hold the private keys and funds of users.
If a hacker gains access into the central servers or internal management system of an exchange, the hacker can steal user funds, private information, and financial data.
As Powell said, a more secure way of storing cryptocurrencies is in a hardware wallet or a non-custodial wallet that allows users to manage their own private keys.
“Please do not store more coins on an exchange (including @krakenfx) than you need to actively trade. Use Ledger or Trezor. DEXes are not a panacea — look at the DAO. Open source just means exploits will be discovered sooner (probably not by good guys),” he noted.
Some experts have argued that major centralized exchanges can be safer for casual or beginner crypto users because it is possible for new users to mismanage private keys and sensitive data.
Well regulated cryptocurrency exchanges like Gemini, for example, have insurers in place that are able to reimburse investors in an unlikely event of a security breach or a hacking attack.
In October, Gemini revealed that it obtained insurance coverage from Aon, one of the largest insurance service providers in Europe.
In light of recent hacking attacks on cryptocurrency exchanges, certain markets including South Korea have requested trading platforms to obtain insurance to protect investors and their capital.
Centralized crypto exchanges are still vulnerable to security breaches and it is difficult to have all of the user funds insured by insurance companies.
The risk in storing crypto in a hardware wallet or a non-custodial wallet is the lack of presence of a company or a representative that could help an investor recoup funds in an event that a private key is lost.
But, the responsibility is fully on the investor to securely manage funds and back up wallets on a regular basis and as long as the wallet is well maintained, there exists no possibility of a security breach.
The Cryptopia hack, which prompted Kraken CEO Jesse Powell to ask investors to avoid storing funds on an exchange, is currently being investigated by the New Zealand police.
In an official announcement, the New Zealand police said:
A significant value of crypto-currency may be involved and Police are taking this very seriously. We are currently talking to the company to gain a further understanding of what has occurred. A dedicated investigation team is being established in Christchurch including specialist police staff with expertise in this area.
It remains uncertain whether the exchange will be able to reimburse every investor affected by the hack.