Because they are like sitting ducks....
Let me explain. The cryptocurrency remains a largely unregulated space and even better for hackers one that is generally online and deals in lots of money and EVEN better money that is really easy to make untraceable by various means that I won't go into just now. The exchanges that generally get hacked are the centralised ones because there is a centralised point for the hackers to focus on and they do focus on it. Hundreds of them, maybe thousands...nobody really knows and they are constantly pick, pick picking away, trying to find weaknesses. All day, every day. Constantly working to find a way in and the security teams are constantly battling to keep them out, like a giant game of cat and mouse.
Most exchanges of this kind operate a hot and cold wallet system where funds are kept in the cold wallets, which means that effectively they are stored offline until the funds are needed for trading. It is at this point they are transferred to the hot wallet. This is what the hackers are looking for. If they can access the private key for any of these hot wallets they can gain access, potentially to millions of pounds. In the case of the MTGOX hack, they simply whipped all the funds out. Boom. $350 million. gone. In the case of the more recent hack of Binance it is believed that the hackers tried to be smarter and withdraw the funds slower so as not to attract attention before being discovered and shut down.
In the case of decentralised Wallets the hack is much more difficult as the exchanges are made by a series of autonomous intermediaries and the swap is done by establishing a final connection between only the two parties looking to make the exchange and so the only way, really, to hack these is to compromise one of the clients in the final exchange and even then the rewards would be less as you would only be able to take funds from that one party.
As with anything online, the growing number of hackers and scammers in the world can create huge security problems but it's not just block chain projects that face this it's almost any money or information rich app, website, dapp or exchange out there. The advice for the individual investor in the blockchain space is simple. Store your cryptocurrency in a wallet, preferably a cold hardware wallet that can't be accessed by the internet such as the Ledger Nano X
Hardware wallets allow you to place all of your cryptocurrencies into one, offline place so you have complete control over them. Wehn your funds are stored on an exchange wallet you do not even control the keys so you are not truly in control of your money. So please, please never store more than you absolutely need on an exchange.
Thanks for reading. Are there any other topics you would really like to know about in Cryptocurrency as a newbie? Things you have heard but do not fully understand. Or just a question I can help with then please do let me know.