[mattbrewsbytes]

Sounds like if they had a checking account with their bank credentials stored in ENV variables and someone got access to that server it would be the same outcome.

The details of it being on a crypto-currency are interesting but when password/passphrase/private key security is poor it doesn't really matter the medium holding the money.

[oefrha]

No, $625M transfer out of a single bank account would raise tons of eyebrows. No way it’s authorized by some env vars.

[no-dr-onboard]

Maybe, but 30d ago it would have been "No way someone would store $625M USD in a game dev bank account".

[mattbrewsbytes]

If the hackers are sophisticated, I would think they would start wiring in much smaller amounts and thru accounts so tracing is harder. Much like what they are going to have to do with the funds in that wallet.

If they setup some plausible 3rd party company the game studio could use and started transfers of $10k a pop it might be some time before anyone catches it.

[manquer]

That is slow anything over 10,000 in bank transfers will reviewed, and there will be a dedicated account manager for a 600m account.

They are going to review and flag it. You might loose few hundred thousands but not all 625m.

[openasocket]

Aren't there methods of rolling back transactions in the traditional banking system though? And additional validations on larger volume transactions?

[mplewis]

That's right. None of these protections exist in their sidechain.

[mrits]

It would be much different outcome that would probably lead to recovering the money.

[gamblor956]

Transferring $650 million out of a corporate bank account would usually require in-person approval by a C-level officer, or at the very least, prior notice to the bank of the transaction.

[mtoner23]

Yeah, banks dont let you move this money without multiple levels of identity verification by both parties.

[arthurcolle]

Not always true: https://www.vice.com/en/article/ne8p9b/offshore-bank-targete...