One thing that has dogged the blockchain industry, more than most, is cyber-attacks.
On 31 July 2020, 2gether - a collaborative crypto-trading platform - suffered a cyber-attack at the hands of hackers who stole 114 BTC and 281 ETH worth a combined €1.18 million from its users' investment accounts.
While these hacks are nothing new, those stolen funds are usually gone forever. 14 of these kinds of attacks, starting with Bithumb in February 2017 to Zaif in September 2018, saw $882 million in crypto and USD funds go missing.
2gether has announced that it is taking an alternate approach to its breach. It is compensating its users to give back the cryptocurrency stolen from their accounts.
To raise the capital to execute the plan, 2gether worked with the community, private investors, and partners to generate an equity crowdfunding round, which closed at the legal maximum of €1.5 million, 125 percent of its target. The funds raised in the latest round will strengthen the company's security, risk management, and coverage model.
First, 2gether offered all those affected by the hack immediate compensation for the loss in 2GT, its utility token, and company equity. The company then prioritized replenishing the accounts of the users who lost their assets and compensated 91 percent of its users in full in BTC and ETH following the crowdfunding campaign.
The remaining nine percent with the highest total value of crypto in their accounts are compensated with a solution that includes at least the value in euros at the time of the cyber-attack and, in most cases, exceeds that value.
Users in the nine percent cohort have two different options for compensation. They can accept 2gether's initial offer for the value of their lost assets in euros at the time of the attack or submit an appeal for a different compensation package.
Since the cyberattack day, 2gether has been integrating stronger security protocols to ensure such an incident is never repeated.
"After implementing several security measures at all levels, 2gether is in the process of hiring an independent auditor and expert in security matters to do an all-encompassing pentest of our system," Ramón Ferra, CEO at 2gether, told me. "This will be done once every year and whenever a significant upgrade is made to the platform."
Also, it has restructured and reengineered its security frameworks, reorganized user funds to limit attack perimeters, reengineered databases to avoid personal data leaks, and restricted permissions and revised policies and procedures.
Other improvement measures include upgrading, insurance reinforcement, and increased resources on key risk management areas, including CISO, systems management, and DevOps.
The response from its users suggests that the scheme has been well accepted.
"2gether users have actively engaged with us and participated in our community solution in response to the cyberattack from six months ago," Ferra said. "During the crowdfunding round, more than 200 2gether users participated in the campaign, and from November onwards, 2gether transactional volumes and market share have increased by a multiple of four."
So what's next for 2gether?
"One of the major milestones in 2gether will take place in the next few weeks is the 2GT issuance, an ERC-20 token, which functions as a utility token. We've been working on our token for three years to develop a type of utility to the 2GT token in 2gether's ecosystem, with the objective of creating a self-manageable, collaborative model, without commissions, and one of sharing the generated value among the company's founders."
And the company intends to continue to expand its field of operations.
"In the coming months, we will be launching a subdivision of the brand, Time to Token," Ferra said. "Under this new category, 2gether will provide services to all entrepreneurs and companies that want to launch their own token to manage their business model. The first pilot will be launched in the hospitality sector in Madrid, one of the sectors hardest hit by the crisis. The hospitality industry in Madrid will be able to have its own token and foster a market of its own for hospitality tokens."
It's rare to see any blockchain organization compensate for cyber-attack losses. If the industry is to become seen as legitimate by a mainstream audience, more schemes like this could make the difference.