Yet another reminder, Account Security = Key Security

The announcement last week of Fusion Foundation’s $6.4M cryptocurrency theft was not major in terms of the magnitude of the loss on market scale, but it’s an important reminder that even the best secured wallets are no more secure than the security of the keys that protect them. The resulting loss of more than 80% in market cap value, (now improved to 40%) is also a reminder of the consequences to shareholders when such events happen.

Fusion is working with authorities to track down the adversaries behind the theft from the firm’s own internal wallet, but they have confirmed that it was based on the theft of the private key used to protect the assets, and they suspect it was an insider job.

Fusion has assured everyone that their system remains secure, but they also acknowledged “While private key theft is an industry-wide risk and occurrence, we clearly must strengthen the protection around our private keys.”

Fusion offers a compelling platform with compelling services. This blog is not an attack on Fusion or the integrity of their overall security. It’s simply a reminder that threats from insider attacks as well as external hackers can be effectively prevented with multi-approver key management solutions such as threshold signatures.

Unlike all other signature scheme’s, only threshold signatures are designed to not only securely support multiparty transaction approvals, they also to ensure sustained security and operations even if some of the approving parties becomes compromised.

Learn more about threshold signatures at https://sepior.com/thresholdsig.