Share this article
FBI Investigating 3Commas Data Breach
This week, an anonymous person leaked 100,000 API keys connected to the crypto trading service.
By Sam Kessler
Updated May 9, 2023, 4:05 a.m. Published Dec 29, 2022, 11:48 p.m.
The FBI is investigating the 3Commas data breach, CoinDesk has learned. The investigation comes after weeks of criticism from users of the Estonia-based crypto trading service, who say its CEO repeatedly brushed off warning signs that the platform had leaked user data.
This week, 100,000 Binance and KuCoin API keys linked to 3Commas were leaked by an anonymous person. On Thursday, two 3Commas users told CoinDesk that they were contacted by agents from the FBI’s Cincinnati Field Office in connection to the leak.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Over the last several months, dozens of 3Commas users found that the service had, without their consent, traded away funds on crypto exchanges they’d linked to it. Initially, 3Commas said that these users were most likely phished and insisted that the platform was safe.
The API database leaker insinuated that the 3Commas keys had been sold by someone from within the company, but 3Commas CEO Yuriy Sorokin said in a statement on Thursday that “3Commas stresses that it has found no evidence during the internal investigation that any employee of 3Commas was somehow involved in attacks against the API data.”
“Since becoming aware of the suspicious activities taking place, we immediately launched an internal investigation. We will continue with the investigation in the light of the new information and also notify law enforcement authorities accordingly,” Sorokin said in the statement.
A 3Commas victim group, which has around 60 members, previously reached out to the U.S. Secret Service and other law enforcement agencies in an attempt to understand how their funds had gone missing. The group’s leader, Edmundo (Mundy) Pena, told CoinDesk that he has tallied the group’s losses at over $20 million.
The FBI and 3Commas did not immediately respond to CoinDesk’s requests for comment.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
French Banking Giant BPCE to Roll Out Crypto Trading for 2M Retail Clients
The service will allow customers to buy and sell BTC, ETH, SOL, and USDC through a separate digital asset account managed by Hexarq.
What to know:
- French banking group BPCE will start offering crypto trading services to 2 million retail customers through its Banque Populaire and Caisse d’Épargne apps, with plans to expand to 12 million customers by 2026.
- The service will allow customers to buy and sell BTC, ETH, SOL, and USDC through a separate digital asset account managed by Hexarq, with a €2.99 monthly fee and 1.5% transaction commission.
- The move follows similar initiatives by other European banks, such as BBVA, Santander, and Raiffeisen Bank, which have already started offering crypto trading services to their customers.
Top Stories
