Hackers breached security at crypto infrastructure firm Fortress.

Ripple acquired Fortress, helping to protect the company’s customers.

The crypto community praises Ripple for stepping up.  With billions in digital assets held by centralized custodians, the stakes are high when it comes to maintaining a reputation for security. Unfortunately, following a recent hack at Fortress, the company’s reputation has been negatively affected. Ripple’s subsequent acquisition of Fortress has gone a long way to offsetting the reputational damage, particularly concerning stumping up the funds to make customers’ losses whole. Ripple Steps InOn September 8, Ripple announced that it had acquired Fortress for an undisclosed sum of cash and equity. At the time, the move was hailed as an expansion of Ripple’s product offerings and a key acquisition for compliance purposes, given that Fortress holds a Nevada Trust license. 

The official acquisition press release failed to mention that Fortress had fallen victim to hackers. But in the days following the acquisition, crypto community members began piecing together what happened.

Like many in the community, James Lopp, the co-founder of custody firm Casa, raised concerns about conflicting accounts on whether customers lost money in the hack.Chiming in, BitGo CEO Mike Belshee expressed being upset that Fortress chose to omit facts, downplay the incident, and make a public statement that was a half-truth by tweeting, “most importantly, no funds were lost.”

Belshee clarified that while Ripple’s acquisition of Fortress and subsequent plugging of the losses is a positive step, the fact remains that customers did experience losses as a result of the hack. 

The BitGo CEO added that Ripple “is a good actor here and should be applauded,” he further commented that Ripple’s honest disclosure of the breach was the right thing to do under the circumstances. Details of the Fortress HackOn September 7, Fortress disclosed that it had suffered a security breach a week earlier, affecting four customers. The company revealed that the incident had stemmed from compromised cloud tools used by third-party vendors.

Upon discovering the weakness, Fortress reacted by closing the affected vendor integration and moved to pause all accounts to assess the scale of the breach. The company stated that the issue has now been resolved.  On the Flipside The amount lost to hackers and the extent of the impact on Fortress remains unknown.

Questions are being asked about the competency of Fortress CEO Scott Purcell, who resigned from his position at Prime Trust in 2021, culminating with the company filing for bankruptcy in June 2023. Why This MattersThe full scope of the Fortress hack remains unclear, as the amount stolen by attackers has not been disclosed. Ripple’s acquisition of Fortress potentially prevented the incident from negatively impacting the broader cryptocurrency landscape.Read more about the Ripple-Fortress deal here:Ripple Expands License Arsenal with Fortress Trust AcquisitionDiscover Brian Armstrong’s take on the upcoming US presidential election here:Coinbase CEO: Crypto to Take Center Stage in 2024 US Election