
Humanity Protocol Says Compromised Employee Laptop Enabled $36M Ethereum And BSC Bridge Attack
Key Takeaways
- Compromised employee laptop enabled attackers to seize bridge controls on Ethereum and BSC.
- Attackers minted 100 million H tokens on BSC during breach.
- H token price collapsed; losses around $36 million.
Laptop breach drains H
Humanity Protocol said a coordinated attack on June 8, 2026 across Ethereum and BSC was enabled by a compromised employee laptop that exposed private keys tied to its token and bridge infrastructure.
“Table of Contents On Tuesday, Humanity Protocol—a decentralized identity platform utilizing palm-scan biometric technology—fell victim to a major security breach when malicious actors obtained private keys from a Humanity Foundation team member”
In a post mortem update, the project said several production keys were inadvertently backed up on that machine during its mainnet launch around June 2025, including an admin hot wallet key, three Ethereum Safe owner keys, and three BSC Safe owner keys.

Crypto.news reported that Humanity founder and CEO Terence Kwok said, "Last night, June 8, 2026, the Humanity was hit by a coordinated attack across Ethereum and BSC," and the project estimated more than $36 million was stolen and sold across both chains.
Crypto Briefing said the incident affected Humanity’s H token across Ethereum and BSC between June 8 and June 9, with the attacker first stealing about 6 million H from an admin hot wallet on Ethereum and then draining roughly 141 million H from the Ethereum bridge after taking control of its ProxyAdmin.
The Crypto Briefing update also said the attacker minted 300 million H on BSC after compromising three Safe owner keys tied to the BSC token’s ProxyAdmin, and Humanity described the BSC H token as unrecoverable and permanently compromised.
Keys, mints, and token crash
Humanity Protocol’s disclosures tied the breach to legitimate key control rather than a smart contract bug, saying the attacker used legitimate private keys to authorize transfers, Safe transactions, proxy upgrades, bridge drains, and token mints.
Crypto Briefing reported that the Ethereum H token was frozen by a clean 4 of 7 Safe after the incident, while the canonical Arbitrum bridge was unaffected and still holds roughly 87 million H.

The Defiant said the attacker drained funds from 17 or more Gnosis Safe wallets across Ethereum and BNB Chain and minted 100 million additional H tokens on BSC, with total losses reaching about $36 million.
Crypto Briefing put the total impact at about 447 million H across both chains, including the direct Ethereum theft, the bridge drain, and the newly minted BSC tokens, while also stating that the 15 million H initially moved into the Ethereum bridge was already included in the 141 million H bridge drain.
Cointribune reported the H token price fell from around $0.67 to nearly $0.13, with the token briefly touching $0.05, after the attackers sold stolen H tokens for ether and increased selling pressure.
Staged questions and next steps
As Humanity’s explanation circulated, blockchain investigators and security operators questioned whether the incident could be purely external or connected to unusual token activity before an upcoming unlock, with Cointelegraph describing ZachXBT’s initial scrutiny of market maker and OTC activity.
“Home»News»Crypto News The cryptocurrency sector faces a new major security incident”
Cointelegraph quoted Cyvers’ Hakan Unal saying, "What distinguishes them is the surrounding behavior," and added that a genuine compromise usually shows speed and improvisation while a staged incident may show suspicious timing near unlocks or vesting.
Cointribune said Humanity Protocol asked users to temporarily suspend the use of its cross-chain bridge as well as its liquidity pools, while also stating it was working with cybersecurity companies and several exchange partners to contain the consequences of the attack.
Crypto.news reported that Kwok said, "We’ve now halted all deposits and withdrawals to the affected bridges and are working with all related parties, including exchanges, to minimize the impact," and said the project was working closely with police to investigate and recover some stolen funds.
The Crypto Briefing update said Humanity engaged external security experts for a forensic investigation and is working on a recovery program for affected victims, while also stating the team is still investigating when the attacker first gained access, how the malware compromised the device, and how long the attacker held the keys before executing the attack.
More on Crypto

Paul Grewal Steps Down As Coinbase Chief Legal Officer; Molly Abraham Named General Counsel
12 sources compared

Bitdeer Breaks Ground on $36 Million Sparks, Nevada Facility to Produce 10,000 Mining Rigs Monthly
10 sources compared

ESMA Launches Common Supervisory Action To Review MiCA Crypto Asset Custody Across EU
10 sources compared

Adam Back’s BSTR And Cantor Equity Partners I Scrap SPAC Merger After $1.5B Financing Fails
11 sources compared