Since receiving several reports of missing funds on the 12th of February 2020 the IOTA Foundation has been investigating an attack. In a series of posts to its status page, they have revealed details of the investigation and steps taken to halt the attack. 

The attack seems to have initially targeted a relatively small number of high value accounts, compromising the Trinity wallet via its integration with MoonPay.

The IOTA Foundation stopped all transactions of value on the network to prevent the stolen funds being moved, and has been liaising with major exchanges to prevent the attackers from converting IOTA.

What do IOTA holders need to do?

You are unlikely to have lost funds unless you held a large sum in IOTA, however if you opened Trinity between 17th of December 2019 and 18th February 2020 01.30 CET you must act to ensure your funds are safe.

Despite the targeting of high value wallets the foundation is advising all users to take action. Here is a summary of what you need to do, refer to the status page for full instructions.

• Do not open your wallet! Not even to check balances, until you have downloaded and installed the most recent versions securely. New versions of Trinity for desktop and Android and iOS have been released
• Once you have the new version of Trinity installed change your password for the wallet
• Migrate your tokens to safe seeds, there is a migration tool available see the status page
• If you have lost tokens, follow the process that will be published shortly, to reclaim your funds
• If you bought IOTA via Moonpay check your credit or debit card statements regularly - it is not 100% clear if credit card data is safe

Good luck!