Crypto financial services firm Galaxy Digital, founded by Mike Novogratz, has confirmed a cybersecurity breach. The incident involved unauthorized access to an isolated development workspace used for internal research and testing, often referred to as a testnet. The company was quick to emphasize that no client funds, account information, or personal data were accessed or at risk at any point.
The breach was contained to this sandboxed environment, which is not connected to Galaxy's core infrastructure, production systems, trading platforms, or custody services. All client-facing services remained fully operational throughout the incident. According to sources familiar with the matter, the financial loss was limited to less than $10,000 in company-owned funds used solely for testing purposes, an amount Galaxy described as "immaterial."
Galaxy Digital stated that its security teams detected the intrusion quickly, secured the compromised workspace, and implemented additional precautionary measures across its on-chain infrastructure. The incident is still under review, and the company has committed to providing further updates. No details were released regarding the specific vulnerability exploited or the method of unauthorized access.
The event highlights the persistent challenge of security in the crypto industry, where open-source code and large on-chain value pools present attractive targets. Industry estimates suggest between $1 billion and $2 billion is lost to crypto hacks annually. While this breach was isolated, it underscores the importance of robust security design, even in test environments that can mirror live system architecture and attract attackers looking for weaknesses.
