On January 6, Kontigo, a stablecoin bank startup focused on the Latin American market, announced that it had discovered and quickly patched a security vulnerability over the weekend and had fully compensated 1,005 affected users for a total of $340,900 in stablecoins by January 6.
Kontigo disclosed the incident on January 5th. Co-founder and CEO Jesus A. Castillo stated that his personal account was also compromised, calling it a direct attack against company management and users. Castillo posted on the X platform that the company has identified the attackers and that those responsible "will not evade responsibility."
This security incident occurred during Kontigo's rapid expansion phase. Just weeks earlier, on December 22, the company announced the completion of a $20 million seed funding round led by FoundersX Ventures, with the funds earmarked for product development and expansion into emerging markets.
Kontigo, founded less than a year ago, has received backing from Y Combinator. The company claims to have achieved $30 million in annualized revenue and processed over $1 billion in payments in the past 12 months, with over 1 million active users and a team of only 7 people. However, Kontigo has previously drawn attention for its "de-banking" practices. Media reports indicate that its bank accounts used through intermediaries were frozen due to compliance risks, but Castillo denies these allegations, stating that the problem stems from the intermediaries, not the banks themselves.
