Blockchain project Ice Open Network ($ION), the creator behind the $ION token and the Online+ social network built on BNB Chain, reported a notable security issue that resulted in unauthorized access to identity data. The hacking attempt took place on April 15 and involved the leaking of users’ personal information, including emails and 2FA phone numbers.
However, the developers claim that there are no signs of any fund theft, and the private keys have not been accessed. “The individuals involved were not directly employed by Ice Labs,” the team notes.
Unpacking ION’s insider data breach: What was compromised and by whom?
According to the official statement released by the Ice Open Network, the hacking incident occurred when a server hosting their identity database was breached. An individual stole the information and passed it on to third parties. It should be noted that the hackers were not from the company Ice Labs, but rather four former partners of the service provider.
The aforementioned service provider was hired to handle operational tasks, including coordination, design, management, and public relations.
The leaked information contains names of identity keys, public keys linked to them, email IDs, and telephone numbers used for two-factor authentication (2FA). None of the financial details, private keys, or wallets were compromised by the hack, according to the company’s representatives.
ION plans on additional measures and will run a migration on Online+ tomorrow. During the migration, the platform is slated to be temporarily unavailable or experience loading issues.
Ice Open Network responds with legal actions
Ice Open Network acted swiftly to address the problem. The firm has already traced the people behind the leak and is taking formal action, including filing a complaint with the United Kingdom’s Information Commissioner’s Office and initiating a criminal complaint with the authorities.
In direct advice to users, Ice Open Network has urged users to update their 2FA settings for both email and phone. This will be done with an added measure: a migration process at Online+, scheduled for the next day, April 21st. There could possibly be some downtime due to this migration process.
Importantly, however, the announcement clearly stated that core functions are completely unaffected. The development of the highly scalable DApp framework, the use of tokenized communities, and the vision for a wider Web3 future on BNB Chain will continue unimpeded.
Reactions from the community have been varied, considering its tumultuous past year. “ZachXBT was right when he said Zeus sold customers’ data in 2020,” an X user stated.
Those who remained supportive lauded the transparent approach. However, others were frustrated by yet another delay and called for complete information regarding the third-party provider.
Insider data breaches enter new levels
Several recent crypto security incidents align closely with Ice Open Network’s April 15 data breach disclosure. This has created a strong narrative covered in unauthorized third-party access to non-sensitive identity data.
In a Kraken’s extortion attempt over insider data on April 13, 2026, a criminal group threatened to release videos of internal system access. Two insider incidents involving the exposure of support data for about 2,000 accounts (0.02 percent of clients) took place.
As reported by Cryptopolitan, no full breach occurred, no client funds were at risk, and no passwords or private keys were compromised.
Within the first 18 days of April alone, crypto protocol hacks had cost $606.2 million through 12 attacks, which is 3.7× higher than the Q1 2026 total of $165.5 million and the highest monthly hack tally since February 2025.
In just the first 18 days of April, crypto protocols lost $606.2 million across 12 incidents—already 3.7× the entire Q1 2026 total ($165.5 million) and the highest monthly figure since February 2025
As reported by Cryptopolitan, KelpDAO was hacked for $293 million and now stands as the largest single exploit of 2026. Hackers exploited the KelpDAO contract by spoofing a cross-chain message on LayerZero. The attack allowed the hackers to steal roughly 18% of the total circulating supply of rsETH (116,500 tokens).
