If you're familiar with crypto exchanges, you'll probably know that Xeggex has been a fast mover in a space needing exchanges that can handle both the big coins as well as a variety of layer 3 alt tokens as well, particularly in terms of being able to change the latter into the former or vice versa for enjoying big alt meme coin booms as of late. 

However, Xeggex has now become the latest in a long chain of exchanges and pools hacked, no surprise, due to silly and avoidable barn doors being left open by the people managing the system. In the case of Xeggex, it was the exchange's own chief officer getting targeted, most likely through a whale phishing attack, and then his access being used to take control of the system. The first signs of trouble was the loss of the exchange's Telegram channel and then the exchange's main website for customer access. According to the Xeggex discord community team, the actual accounts, wallets and related database were quickly cut off (access), but the actual damage done has yet to be disclosed. It helped that a partner dev team with Xeggex saw the odd activity and noticed Xeggex' core team what was happening.

After having been burned for a few $100s on Celsius, I've followed the maxim of keeping most of my funds in a separated wallet, but some liquidity is still needed to make things happen on exchanges for timing the market. So, like others I had my own stake involved for a minor amount ($40). That said, some are in pure panic, having hundreds of thousands of tokens stacked on the Xeggex account with no idea if things are still eventually going to be accessible by month's end. 

The timing of the attack was particularly interesting and probably accidental to the market. Just as Bitcoin decided to take it's latest cliff dive below $100,000, the hack was in full swing, possibly sapping some of the main liquidity Xeggex accounts of their funds. Some would argue that was foolish, as the barn would have been fatter had the hacker waiting until people doubled-down on Bitcoin's drop and put more money in. In either case, the full damage is still unknown, and numerous folks are crawling all over the related blockchain records to get a better idea of what happened.

And, of course, there is no mercy for the head officer. From a IT security perspective, why he was mixing personal connections with the exchange and business identities was a huge rookie mistake. It's particularly what hackers hope to get when they go whale hunting. It's also the first thing taught to disallow in ITSEC when it comes to least privilege and blocking anyone from having full system access in just such an event. In a regulated environment, this "CEO" could have found himself buried in mismanagement lawsuits and indictments for such a dumb choice of data handling, but it's crypto, so shit happens.

Long story short, no one will protect your crypto on an exchange. It is still the wild, wild West, even if things seem to have advanced a decade or so later. There is no overseer protection, and even the best exchanges can be easy targets due to their weakest links: people.