Crypto hacks surged to an all-time high in the second quarter of 2026, with 70 separate incidents draining a combined $746 million from exchanges, DeFi protocols, and wallets. That's the most breaches ever recorded in a single quarter — and the total losses, while staggering, mask a more worrying trend: the attacks are getting smaller but coming much more often.
By the numbers
The 70 hacks in Q2 2026 blow past the previous quarterly record of 52 set in Q1 2025. The $746 million in stolen funds is actually lower than the $1.1 billion lost in Q1 2026, when a handful of mega-hacks dominated headlines. But the sheer frequency suggests attackers have shifted tactics. Instead of chasing one massive score, they're spreading risk across dozens of targets — hitting smaller protocols and centralized exchanges that may lack the security budgets of the top-tier platforms.
What's driving the wave
Industry observers point to a few factors. The maturation of cross-chain bridge exploits and the proliferation of low-sophistication phishing kits have lowered the barrier to entry for would-be hackers. At the same time, many smaller crypto projects launch with minimal auditing, leaving gaping holes that automated scanners can now find in minutes. The result: a volume play. Hackers don't need to break into Binance or Coinbase to make money; they can drain ten small DeFi pools for $10 million each and end up with the same haul — with less heat.
Regulators are watching
The spike comes at a sensitive time. Several G20 finance ministers are already pushing for tighter crypto oversight, and the Q2 numbers are likely to fuel that fire. Expect more calls for mandatory security audits, incident-reporting deadlines, and perhaps even licensing requirements for any platform that holds user funds. The European Union's MiCA framework is already live, but enforcement has been uneven; this wave of hacks may accelerate penalties for noncompliant firms. In the U.S., both the SEC and CFTC have signaled they're taking a harder look at exchange security practices.
What exchanges are doing
On the ground, the affected platforms are scrambling. Several have paused withdrawals temporarily this quarter to patch vulnerabilities — something that didn't always happen after a hack in earlier years. Bug bounty programs are being expanded, and a few top exchanges have started pooling threat-intelligence data, a rare cooperative move in a normally secretive industry. Still, for every platform that tightens up, a dozen smaller ones remain exposed.
Unanswered questions
The big question heading into Q3 is whether this is the new normal or a prelude to something worse. If attackers keep refining their methods — and if the crypto market's recovery continues to draw fresh capital — the incentive to hack only grows. Regulators are moving, but slowly. For now, the burden falls on individual users to stick with vetted platforms and maybe even self-custody. The numbers suggest that trusting any exchange with a large balance carries more risk than it did a year ago.
