The Organized Crime and Corruption Reporting Project (
OCCRP ) revealed on its website that it had obtained a copy of
the Bitfinex security breach investigation, which found that two
security keys needed to access the
exchange's systems were stored on the same device. These keys provide access to
security tokens , allowing attackers to manipulate Bitfinex's
operating system . The report states that if an entity controls any two of these three keys, that entity would have control over all
bitcoins .
It is reported that the investigation report was commissioned by iFinex , one of the owners of Bitfinex, and produced by Ledger Labs , a Canadian cryptocurrency consulting and development company, and has not been made public. However, OCCRP obtained a version of the report with detailed findings, conclusions and recommendations.
