Aug 14, 2020 - 14:00h
Maintaining due confidentiality, we enclose the Act of Appearance before the Central Operational Unit of the Spanish Guardia Civil on Wednesday the 5th of August at 14:00.

Aug 13, 2020 - 12:00h
Hi, everyone.

We wanted to give you an update on the progress made over past few days in the areas that we all consider most relevant:

The specialized agency we hired when this event happened has finished its audit and all questions about the security of our systems have been answered. We’re currently executing a security reinforcement plan in all aspects related to identification, protection, detection, response, and recovery. During the reinforcement process we’ve taken extreme precautions, even if this takes away some of our company’s agility. Security is and will be our company’s priority above any and all other interests.

Funds recovery
We keep working with Law Enforcement on recovering the funds. We are sorry for not being able to give you more information about this since it is still an ongoing investigation. Meanwhile, we’re working on giving all affected users the best solutions: we’ve sent emails to all of them with the alternatives and we will keep working tirelessly so that everyone can recover or be compensated for their losses.

Service recovery
We keep working on responding to the internal accounting issues that happened on the day of the relaunch and to all other issues that might arise. The transitional security measures we’ve adopted take away some of our agility in problem solving, but we’ve already fixed a high percentage of these issues, both those related to the euro accounts and to the crypto investment accounts. They will all be solved this week.

Next steps regarding the product
Although a significant portion of our capacity is currently dedicated to solving this crisis, the team keeps moving forward with our product development. Yesterday we released a new version of the 2gether App with improvements that you can check on the News area of the 2gether app on the App Store and on Google Play, and we’re developing the new Founder levels, looking forward to releasing them at the end of August or the first days of September.

2gether was born in 2016 with the objective of accelerating the new economies based on digital assets, as a way to improve the people’s economy. Since then, it has been and still is supported by a number of investors, partners, and employees, thanks to which the company has managed to find its place among the giants in the industry of facilitating tokenized economies. The cyberattack brings a new priority for the company, the recovery or compensation of the stolen funds. The best way to do this is by standing tall and keep growing, doubling down on these efforts to give the company the financial strength that will allow us to completely solve this issue. We will keep working on it vigorously.
Aug 7, 2020 - 20:00h
AMA -Ask Me Anything-

Question - Regarding the proposed forms of compensation, is it possible for each user to choose his or her preferred form?
Answer - Yes, it is possible to choose the preferred form of compensation. Additionally, it is possible to choose "mixed" forms of compensation. For instance, you could choose to compensate 30% of the amount in the company's equity, convert 20% in 2GT, and leave 50% to be paid back as soon as it is recovered or financed.

Q - Can you give us some kind of information showing the exact amount to be compensated?
A - Between Tuesday the 4th and Wednesday the 5th, emails were sent specifying the amounts available before and after the cyber attack. If you have not received it, or if there are any errors, please contact Founder Care. Additionally, when the final options to choose how to compensate the funds are sent, the amount will be indicated.

Q - How long will it take to clear the funds?
A - We have been working with Fellow Funders, our financial advisor, since Monday on how to set up a vehicle to launch the funding round. Our goal is to be able to launch it next week.

Q - Exactly how many BTCs and ETHs have been subtracted?
A - 114,007726 BTCs and 276,336765630644583 ETHs have been subtracted

Q - Are the users' personal data (KYC, email, password, bank details, biometrics, etc) safe?
A - A document was sent to all users this morning regarding the possible theft of personal data. The banking and biometric data and the documents collected in the KYC have not been exposed, but there is a possibility that personal data has been stolen. You can find all the details in the email.

Q - What do you plan to add or incorporate in terms of immediate security measures to prevent this from happening again, both for you and for the user? (e.g. 2FA, add more wallets for the removal of altcoins)
A - On the 2gether side we have already reinforced safety with a new EDR and a real-time monitoring system. In addition, we have restructured key components of our architecture to ensure new layers of security, also, security audits and certification procedures will be improved.
On the client side, we have been working for a few months to add new wallets and to make existing ones even more secure - although they have not been compromised. We are analyzing additional measures such as 2-factor authentication, although the current priority is to improve the security of the components that were compromised during the cyber attack.

Q - Have all crypto currencies been compromised or only BTC/ETH?
A - Only BTC and ETH.

Q - How is it possible that "all" accounts have been hacked, and why is the damage being distributed among all users?
A - The way 2gether operates - exchanges in general as well as some traditional stock trading companies such as Interactive Brokers - is to have what are called "omnibus accounts".
The way omnibus accounts work is by keeping the specific balance of crypto-currency of the users in an accounting ledger while the omnibus accounts hold the real assets aggregated and not segregated by user.

Q - While the app was closed, have wallets and euro accounts continued to receive funds?
A - Yes, the SEPA Credit Transfer system has continued to be active, as have the wallets. We have had some isolated incidents with transfers received or sent during the system restart process. If you have had any issues, please contact Founder Care.

Q - Is there any insurance of any kind that covers the damages caused by the attack in any way?
A - I wanted to go into some detail on this one, to tell you about our current situation on insurances and how the insurance environment is now in the crypto sector.

We began to look for two insurance products in 2018: one for Professional Civil Responsibility, which would cover us in professional negligence or errors, and another one for Cybersecurity, which would cover us in an event such as the one we have suffered.

We made two rounds of contacts with insurance companies available in Spain -not necessarily Spanish but from companies operating locally- and we did not get any solution. In the third round of quotes, we extended the scope to Europe, mainly to London where the main insurance market is located.

Finally, in 2019, we found a Professional Civil Responsibility insurance product with Liberty, with help from March brokers. This insurance had a coverage that excluded a large part of our crypto activity from the scope under its coverage. We could not get any company to insure the cyber security risk.

In 2020 we have continued the search for these insurance products, with help from AON - the global leader - and expanding the search scope worldwide. This time around, we have found an international insurance company called RELM, specialized in technology and digital assets, which covers the crypto part that was excluded from the Liberty insurance, but again only for Professional Civil Responsibility. We are still looking for an insurance product that covers cyber security events, even harder now as a result from the attack.

Researching similar events over the last few years, we have not been able to find one where an insurance company has taken over the costs and which we could contact. The problem is that insurance companies have no history of claims and therefore find it very difficult to put a price on the product.

We are still actively looking for insurance that can cover this type of event, hand in hand with AON and more so now, but the crypto sector is still quite helpless in terms of insurance coverage.

Q - Will this attack affect the forecasts for the 2GT broadcast?
A - During these days the whole team has been dedicated exclusively to solve the attack, redo the affected components and re-launch the platform. The launch of the token will probably be slightly delayed, but we don't expect it to be very significant. We should be able to launch the 2GT token this year.

Q - How do you plan to regain investor and user confidence?
A - First of all we would like to thank the many founders and users who have continued to show us their support and confidence. We will have to earn your trust day after day,continue working faithful to our model, working to give you the best services possible, with total transparency and trying to offer a true collaborative platform where trust is not only towards us, but towards the community and the model itself. An important point in this process of regaining trust will be when we can give back to everyone what they have lost, most of our efforts are focused on making this happen as soon as possible.

Q - If we choose to wait for you to return the funds, will you do it in Euros or in crypto?
A - Our initial idea is to do it in Euros for the following reasons:
  1. If the cryptocurrencies rise in value there will be a loss in terms of opportunity cost. However, if they drop, there will be a loss of value.
  2. If there were a crypto insurance that had covered this cyber-attack, the value would have been returned in Euros.
  3. Since we don’t have the funds now, and we are going to the markets to raise them, there is a chance that the funding raised won’t cover the full amount due to Bitcoin volatility.

Now, considering the feedback given by the community, we will try to find alternative solutions if receiving BTC and ETH is the preferred option.

Q - What are the conditions mentioned in the statement regarding receiving shares in the company on the same terms as investors?
A - In financing rounds, institutional investors usually have access to more favorable conditions than other investors. In this case we are finalizing the terms with Fellow Funders, our financial advisor, but there will be no difference between the terms that professional and individual investors will have. Next week we will be able to give you all the details, but I can assure you that the conditions will be advantageous.

Q - I don't agree with any of the 3 solutions proposed to recover my funds, why don't you offer extra compensation apart from the return of the stolen money?
A - One of the suggestions we have received is that the options should not be exclusive but that they should be partial. For example, that part of the amount can be capitalized and another part returned. We are going to implement this option. As always, we are all ears and open to ideas. For example, in this case, our first approach of compensating everyone in 2GT in addition to returning the investment did not please the community, and the community was right, the reason why we evolved to the current approach.

Q - Since the app was closed, the value of cryptomonkets has increased a lot and users have not been able to operate them as they would have liked to. Will this be taken into account in the compensation?
A - Given the volatility of crypto and the loss in terms of opportunity cost, we couldn't do anything as the security criterion of the platform was more important than this opportunity cost.

Q - If a user deletes his account before receiving compensation for his lost funds, will he be able to receive it? And how?
A - Yes, he can receive the compensation, he just has to provide the necessary data to the Founder Care team (for example IBAN where to receive the money)

Q - For cancellations prior to the hacking event, 2gether retains user data for 10 years. Is this data safe?
A - Yes, the data is stored in encrypted form on systems separate from those that have been cyber-attacked.

Q - It appears on the website that the funds are insured by regulations and guarantee with the Bank of Spain. Is it possible to clarify this text?
A - On the one hand, the Euros have not been affected by the cyber attack. On the other hand, this text refers to the fact that even if 2gether as a company were to go bankrupt, the euro deposits would not be affected.

Q - Is Kraken going to take responsibility for the theft of the crypt coins?
A - Kraken has not been compromised in any way nor does it have any responsibility for the theft of cryptomoney.

Q - Have you considered crowdfunding with the community to obtain funds in exchange for rewards?
A - Yes, we will provide more information next week, but there will be a crowdfunding.

Q - How will we be able to re-access our accounts if the passwords are compromised?
A - Since Wednesday, it is possible to access the platform, with the requirement to change the password.

Q - What was the vulnerability that caused the hacking?
A - Unfortunately we cannot disclose many details, it is information that should not be made public as it is information of great interest to criminals, and it is the responsibility of all of us to put up all possible barriers so that this does not happen again, not just to us.

Q - Are you concerned about the legal actions that may be taken against you?
A - We have always acted and continue to do so with all the responsibility and diligence we can, trying to defend the interests of all parties involved. A cyber-attack is something no one is prepared for and all the steps we have taken have always been in the interests of our users, shareholders, partners and suppliers.

Q - Has personal data been compromised?
A - It is plausible that it has been accessed. The authorities have already been duly informed and all users have been sent an email with the specific data that has been exposed.

Q - Is it possible to prove the theft by reporting it to the Guardia Civil?
A - The report was presented to the Guardia Civil's Telematic Crimes Group on Wednesday 5 August at 14:00. We have not yet been given the number of the report, as soon as we have it we will make it public.

Q - Why is the movement of the "external event" on August 2nd and not on July 31st - when the robbery took place?
A - On August 2 we managed to quantify the losses by redoing some of our internal accounting. Since we had to mark a cut-off date to take the market value, it seemed better to take that day since the crypto-currencies had gone up.

Q - Have crypto withdrawal fees been updated or are the network fees? Will you try to recover the loss this way?
A - No fees have been updated, in fact, we have never charged withdrawal fees, it is all network gas costs.

Q - Why was 27% of the overall position reported at first, and 47% on BTC and 11% on ETH reported finally?
A - The cybercriminals attacked our internal accounting system, leaving it unreliable. In the first instance we were only able to quantify the loss over the total crypto-currencies by analyzing the amounts before and after the theft. Once our accounting system was rebuilt, we were able to find out the details of which crypto-currencies were stolen.

Q - Can you guarantee that it will not happen again?
A - Unfortunately nobody is completely safe from a cyber attack, most exchanges have suffered attacks -Coinbase, Binance,...-, not even the big technological giants are safe -Twitter, Garmin, Intel,...-. What we can guarantee is that our systems will be up to the best market standards.

Aug 5, 2020 - 22:30h
Good evening.

I wanted to share with you the results from today’s relaunch of the 2gether app.

All through the morning we have been solving an issue with a critical provider that kept us working yesterday until 02:00 and that we finally solved today at 10:30. This delayed the reopening from 12:00, when it was originally scheduled, to 14:30.

Confident about the capabilities of the 2gether platform and after escalating the machines before an expectedly intense activity, we relaunched all the services without restrictions. Immediately, our connections with the exchange and with a blockchain connection provider failed. Thanks to the technical analysis from our team and to our providers’ collaboration, we progressively detected all the friction points and managed to completely stabilize the services around 19:00.

Thank you very much for your patience on behalf of the whole 2gether team, and many thanks to the 2gether team for making a successful launch possible. Tomorrow we will keep working in all fronts to arrive to a complete solution.

Best regards,

Ramón Ferraz Estrada
CEO of 2gether
Aug 5, 2020 - 12:00h
Good morning.

As we anticipated yesterday, during the following two hours we will reopen the 2gether app.

The functionality will be fully available. You will be able to:

• Buy and sell cryptocurrencies
• Deposit euros in your euro account (using card or SEPA transfer top-ups) and BTC and ETH in your wallets
• Withdraw BTC and ETH to external wallets and euros via SEPA transfers
• Make internal transfers from accounts to wallets
• Make peer-to-peer transfers with euros and cryptocurrency
• Spend euros and cryptocurrencies with the 2gether Visa card
• Withdraw euros from ATMs with the 2gether Visa card against your funds in euros or cryptocurrency

The security will be complete. During the last few days we have reinforced all the prevention, defense, monitorization, and response systems, both in our servers and in the work stations of all the employees. We have conducted an audit into all the components of our environment to confirm the absence of any possible backdoors or unauthorized software. We have reset all the platform’s systems, both those exposed to the attack and those which weren’t. We have remade all the connections and settings of the different components, microservices and databases. It has been a hard and intense job which has delayed the platform’s relaunch, where the security has been our top priority.

You will find your BTC and ETH accounts’ balances with the discounts described in previous announcements (see below), the rest of your balances have not been compromised. Each Founder / User will have received his or her specific balances in a personalized email. Please, remember we are making all the efforts to give your cryptocurrency back and that you will have the alternatives to convert your loss to the Company´s equity or 2GT as stated in the announcement two days ago. We will send you an email with all the details and with the possibility to choose among the alternatives in the following days.

We keep moving towards giving you answers for all your questions and, most of all, a complete solution to this issue.

Best regards,

Ramón Ferraz Estrada
CEO of 2gether
Aug 4, 2020 - 17:00h
Good afternoon.

Today we wanted to share with you an update about the hacking situation, details about the unauthorized access event, and security matters.

First of all, we are trying to be as transparent and communicative as possible these days concerning all the processes we are backing. Following the guidance of the agency we’re working with and from the authorities, they have asked us for maximum discretion with anything we share publicly. This special request is based on the belief that the group of criminals who accessed our systems will be monitoring the information we publish. However, we wanted to share as much as we could today under the security standards to maintain all of you informed. Keep calm, as we’ll keep updating you as long as they keep releasing details.

The external audit process is going slow, taking into consideration that these types of procedures are meticulous and they slow down particularly in August. To be clear with a specific example, to be able to start some of the audits, the presence of a notary is needed, and the only one we’ve found available these days scheduled us for today at 10 a.m.

Our servers, networks, app, the team’s PCs, etc, routinely pass security audits, external pentesting exercises, and certificates from independent companies. However, neither we nor anyone else is immune to attacks that evolve at extreme speed.

To put it into perspective, during the Covid-19 crisis cyberattacks have increased exponentially, so far we have managed to repel all of them. According to Check Point Research “Cyber Attack Trends: 2020 Mid-Year Report”, the number of cyber-attacks has grown from approximately 5,000 per week in February 2020, to over 200,000 per week in April. Crypto sector ranking as the most impacted, representing 22% of all cyber-attacks.

Our systems are robust, it is not the first attack they attempt but it is the first attack that penetrates. In the end, in terms of security, there is no state of tranquility or a limit of security measures one can take. In the near past there have been a multitude of cases of successful cyberattacks, from small companies like ours to big tech giants: Twitter just a few weeks ago, Garmin right now, other major crypto exchanges in recent years...

Going back to our specific case, one of the community's concerns revolves around password theft. We wanted to clarify a few points:

• We have no evidence that they have been stolen, but the hackers have had access to the data structures where they are stored.
• Passwords in these structures are stored encrypted using "bcrypt" algorithms. The degree of security of the said algorithm is very high, it still is unbreakable to this day and it is considered one of the safest algorithms.
• The only way to break these passwords is through brute force attacks. These attacks are based on trying to guess the passwords using predefined dictionaries, which generally contain common passwords and passwords that have been hacked and made public in previous hacks.

Given the above, if your password is robust and has never been exposed to hacking events from other systems, there should be no problem. Although for awareness and safety, we would like to recommend you change them and if you are using them in other systems, do it as well.

In fact, the general recommendation about using passwords is to never use the same password in more than one service.

Finally, although I know that it is not an easy situation and it is normal to have concerns due to the unawareness, I wanted to ask you for patience regarding the information we can reveal about the actions we are proceeding with. Trust that we have always been transparent with the community and as soon as we can give you more details, we will.

Luis Estrada
Aug 3, 2020 - 23:15h
Good evening. After the developments and analysis made in the last few hours, we bring you updates in three key areas:

App reopening

As you know, we’ve been working on preparing the app for its relaunch since last Saturday. The developments are done, but we haven’t been able to conduct tests in the production environment due to a delay in a process that’s key to guarantee a successful upload. We’ll start testing tomorrow morning, which will probably lead us to reopening the app first thing on Wednesday. If the tests are successful, we could move it forward to tomorrow evening, but I cannot guarantee that. What we will do tomorrow, anyhow, is send you a customized email with information about each Founder / user’s positions.

In the current testing stage, it is possible you might receive some notifications related to incoming transactions as we start getting services back to normal.

Loss impact per client

The amount of taken cryptocurrencies in the attack has been of around €1,183M. Allthrough the weekend, we’ve rebuilt the internal accounting of the database, and we’ve audited the illegal transactions that affected the cryptocurrency accounts. With both systems balanced, we can conclude that beyond the fact that the total harm done to the account’s funds amounts to 26.79%, the specific impact on BTC represents 47.35%, and the impact on ETH, 11.04%, with the other cryptocurrencies not havingbeen affected. These percentages will be applied in the App’s reopening.

Refund of stolen amounts

Two of our main courses of action during this crisis are trying to recover the stolen cryptocurrencies and the search for funding for all the stolen amounts. Even though we’re confident about our capability to get funding, we still aren’t in a position to offer it. In this context, two days ago we offered you the possibility of giving you 2GT to compensate the stolen funds. This decision wasn’t accepted by the people who, just like us, believe in the 2GT, due to its potential harming effect in the ICO we’ve planned for the end of the year, and neither by those who don’t see its value.For this reason, we’ve decided to introduce a different offer, it being that each Founder / user affected can choose among the following three options:

• Receiving the taken amount of funds in 2GT tokens, at the issuance price of €0.05.
• Receiving the taken amount of funds in company shares, in the same conditions in which the funding is discussed with investors.
• Waiting until the recovery of all stolen funds or until obtaining the funds needed to refund the full position.

For that, in a few days, each Founder or user concerned will receive an email in which they’ll have to choose one of these three options, with the third option acting as the default choice should we not receive a reply.

We are truly thankful for your patience and we expect to give specific replies to the questions posed to be able to make effective this proposal we’re presenting.

We keep advancing towards the total normalization of the situation.

Best regards,

Ago 3, 2020 - 17:00h
2gether - Información sobre el hackeo

* For english version activate CC option in the player.
Aug 2, 2020 - 20:00h
Dear Founders,

As you know, since last Friday July 31, we’ve been managing an extremely difficult situation which has brought us all a lot of uncertainty, caused by the hacking of a substantial part of all the cryptocurrencies available in the 2gether user accounts.

From the moment we became aware of the attack, we’ve been fighting nonstop on different fronts. First, we worked on stopping the hit, limiting the theft to ~€1.183M (which amounted to 26.79% of the positions in the cryptocurrency accounts) and preserving the integrity of the euro accounts, the BTC & ETH wallets, and the 2GT accounts. In the two days following the attack, we’ve been working on finding the funds needed to cover all positions. More specifically, and until a few minutes ago, we’ve been working with an investment group with which we sadly haven’t been able to reach an agreement.

As this was going on, we’ve been trying to share with you the most recent updates with total transparency, but still avoiding giving you fake expectations, as we didn’t have enough funds to cover said positions.

At this point, we want to offer you the solution that offers the best guarantees for your funds: we want to compensate the amount of stolen cryptocurrency (26.79% of your position before the attack) with a volume in 2GT equivalent to the issuance price of 5 cents. On top of that, we commit to keep looking, at top capacity and as soon as possible, for additional funds to make up for every single one of your cryptocurrencies. That way you’ll be able to get back the totality of your positions, and the equivalent value in 2GT tokens at issuance price.

We can assure you, with a great deal of chagrin, that if we could face this theft with our own funds, we would. In fact, we’ve been working nonstop for the last 48 hours to achieve it. It hasn’t been possible and we don’t want to delay a reply any longer.

2gether keeps being a great project that some soulless individuals have tried to thwart, but we’re confident that with your understanding and your help, we’ll move on.

Since last Friday, and while we were looking for a solution for your funds, the technical team has been working on re-establishing the app’s service with all the guarantees that there are no weaknesses, so that you can access your funds and operate freely. It’s not an easy job and, on top of that, we’re working with an external team of experts. The app will be back up as soon as possible and with all the security measures available.

In the next few days we’ll organize an AMA (Ask Me Anything) session to clarify all your questions. We hope you can see these hard times and adverse events compensated soon, whether you decide to give us the vote of confidence we’re asking you for or not.

Salvador Casquero (Chairman), Ramón Ferraz (CEO) y Luis Estrada (Director)
Aug 2, 2020 - 07:15h
Good morning.
After repelling the attack on Friday and quantifying the size of the problem yesterday (29% of the crypto accounts), today our priority is to give you a solution and reestablish the App. Sorry if at any moment we are more into solving the problem than communicating.
Aug 1, 2020 - 23:30h
Tomorrow we will continue adding more precision, but the stolen amounts as a % of the total crypto in the accounts is 29%. Remember that the wallets, euro accounts and 2GT accounts are unaffected.
Aug 1, 2020 - 20:00h
New update:
We are gathering all the information to file the report with the local authorities.
Aug 1, 2020 - 16:00h
New update:
The substracted crypto, according to our preliminary analysis, amounts to ~€1.3M.
The debit and credit cards have not been compromised, both 2gether´s and the ones used to deposit euros. 2GT tokens have not been compromised too.
Aug 1, 2020 - 13:00h
We continue working:
• Wallets are safe.
• Euro accounts are safe.
• The hack affects the crypto investment accounts.

Additionally, user passwords have been compromised. Even though they are encrypted, we recommend you change them if you are using the same ones on other platforms.
Aug 1, 2020 - 11:04h
We regret to inform that 2gether crypto accounts were hacked yesterday at 18:00. We are working to ensure that our servers are no longer compromised, to be able to reestablish the service. We will keep you informed.

This website uses 🍪 own and third parties to improve functionality and performance. To continue browsing the site, you must accept the use of cookies on this website.