4 Minutes
Humanity Protocol suffers major token crash after key compromise
Humanity Protocol’s H token collapsed by roughly 83% on June 9 after attackers drained multiple wallets linked to the project, on-chain trackers say. The incident has raised fresh concerns about private key security and privileged-access controls across the crypto industry as investigators and project leaders try to contain the fallout.
What happened: private keys compromised, funds moved to ETH
The Humanity team confirmed a security incident and said a private key belonging to a member of the Humanity Foundation was compromised. Founder and CEO Terence Kwok acknowledged the breach and urged users to avoid the Humanity bridge and all liquidity pools until the team verifies they are safe. He added that the project is working with external security specialists and exchange partners to investigate.
On-chain tracking and estimated losses
On-chain analysts first identified more than 17 wallets holding H that were drained. Early loss estimates were near $19 million before subsequent trackers pushed the toll above $30 million. Arkham-linked monitoring and independent researchers reported that the attacker sold large amounts of H and converted a substantial portion into Ethereum to exit positions.
Specter, an on-chain analyst, reported roughly $23.7 million had been swapped into ETH while about $7.9 million remained in H. Blockaid later claimed the attacker gained proxy administrator rights for H on BNB Smart Chain and minted 100 million tokens, though Humanity had not confirmed that specific claim at the time of reporting.
Why this matters: identity protocol under pressure
Humanity Protocol operates a zkEVM-based identity network that leverages zero-knowledge proofs and palm biometrics to verify unique users without centralizing full personal data. The protocol is positioned at the intersection of identity, privacy, and decentralized finance — making the security incident particularly consequential for trust in both the token and the underlying identity infrastructure.
Market impact: token price and liquidity
Data from crypto.news shows H trading near $0.123 after the sell-off, down about 83% over 24 hours. Intraday prices ranged roughly between $0.073 and $0.731, with daily volume climbing above $605 million. The token’s market capitalization slid to approximately $222 million amid the panic, wiping out most of a rally that had pushed H to a record near $0.844 on June 2.
Humanity’s planned token release on June 25 under a revised investor vesting plan added uncertainty. Some early backers had accepted discounted immediate unlocks rather than longer vesting schedules, though there is no public evidence linking the planned release to the breach.
Humanity Protocol (H) price chart
Response, investigation, and next steps
Humanity has not published a full technical postmortem, recovery plan, or reimbursement terms. The project’s immediate guidance has been to pause use of the bridge and liquidity pools and to await further confirmations. The team said it is coordinating with exchanges and cybersecurity specialists to remediate access and trace funds.
The incident is part of a wider trend in 2026 of private key compromises and privileged-access failures across crypto projects. Recent similar attacks included an alleged key compromise that allowed minting and extraction from another token project in May.
What users should do
- Follow Humanity’s official channels for authenticated updates and technical reports.
- Do not use the Humanity bridge or liquidity pools until the team declares them safe.
- Monitor on-chain alerts and reputable trackers like Arkham and Blockaid for real-time indicators of fund movement.
- Exercise caution with wallets that have previously interacted with privileged contracts or administrative keys.
As investigations proceed, the community will be watching for a detailed incident report, any planned mitigations or reimbursements, and confirmation of whether additional privileged keys or contracts were affected. The breach underscores the importance of multi-party governance, robust key management, and rapid incident response for projects building at the intersection of identity verification and blockchain technology.
Source: crypto
Comments
Reza
Not surprised tbh, if teams skip multi-sig and key rotation this kinda mess is inevitable. Humanity needs a full postmortem and clear reimbursements, transparency pls smh
coinpilot
Wait so private key of a foundation member? sounds sketchy, how was that key stored... no MFA? wallets drained fast, who audited this??
Leave a Comment