A laptop breach led to the theft of over $36 million in tokens, highlighting a critical security oversight for a startup backed by Pantera and Jump Crypto.
By Shaurya Malwa|Edited by Sheldon Reback Jun 9, 2026, 12:02 p.m. 2 min readMake preferred on (Kartik Programmer/Unsplash)Key Points:
- Humanity Protocol reported that hackers stole over $36 million in H tokens after breaching an employee's laptop containing crucial bridge admin keys.
- The attacker exploited three of six Ethereum keys and three of five BNB Chain keys, all stored on the same device, to take control of token bridges, deploy harmful code, and drain or mint hundreds of millions of H tokens.
- The project has paused bridge transactions and is collaborating with exchanges and law enforcement while facing scrutiny as H token prices plummet.
Humanity Protocol detailed how it lost over $36 million worth of H tokens due to a significant failure in securing its keys.
In an update shared with CoinDesk, the decentralized identity project revealed that the breach began when an employee's laptop was compromised. This device contained several keys that managed the project's token bridges, which facilitate the transfer of H (and other tokens) across blockchains.
These bridges utilized multisignature wallets, which necessitate multiple keys for any changes to be authorized. The design is intended to distribute keys across various individuals and devices to prevent any single machine from having the ability to move funds.
However, in this instance, all keys were kept on one device, which allowed the hacker to bypass the approval requirement on both chains, as stated by Humanity.
The hacker managed to gain access to three of the six keys associated with the Ethereum bridge's admin account, granting them control over the project's deployment on that network.
Subsequently, the attacker shifted ownership to their wallet, replaced the bridge's code with a malicious version, and executed a transaction that drained approximately 141 million H tokens.
In a message via Telegram to CoinDesk, Humanity's founder Terence Kwok noted that the team had established a multisig wallet among four individuals, as was intended.
Kwok speculated that "some of the keys may have been inadvertently backed up to a compromised device during the initial setup." He added, "We use a licensed custodian for most of our token treasury, utilize MPC for operations treasury, and while multisig keys were initially set up in one location, they were later distributed. Unfortunately, in this case, the keys ended up on a compromised device."
The attacker executed a similar strategy on the BNB Chain using three of five keys, installing code that permitted unlimited token minting, resulting in the creation of about 200 million new H tokens directly to their wallet.
In response, Humanity has removed its team page from its website. The project has ceased deposits and withdrawals on the affected bridges and is currently working with exchanges and law enforcement to recover the stolen funds.
Last year, Humanity raised $20 million from Pantera Capital and Jump Crypto at a valuation of $1.1 billion.
ZachXBT, a well-known on-chain investigator, remarked that the key compromise was not linked to a separate instance of suspicious market-making activity involving the token.
He also raised concerns regarding the token's trading activity in the weeks leading up to the breach, especially before a major scheduled token unlock, as H token prices surged from 20 cents to 70 cents within a fortnight.
The token has partially recovered some of its losses, bouncing back to around 20 cents after dropping as low as approximately 5 cents during the attack, according to CoinGecko data. However, it still remains significantly below the roughly pre-breach price of 67 cents.