Foundation member private keys compromised, 280+ wallets drained and 100M tokens minted on BNB Chain
On June 9, 2026, Humanity Protocol suffered a catastrophic security breach after attackers compromised the private keys of a Humanity Foundation member. The attacker drained more than 280 project-linked wallets, stealing approximately 187.6 million $H tokens worth over $30 million. The breach extended to BNB Chain where the attacker seized proxy admin control of the H token contract and minted an additional 100 million H tokens worth approximately $12.9 million. The H token crashed nearly 90% from ~$0.70 to ~$0.05 within hours. Founder Terence Kwok confirmed the incident and urged users to avoid the bridge and liquidity pools.
Stolen assets were converted to roughly 16,500 ETH (~$27.5M) and 2,700 BNB (~$1.6M), moved to fresh wallets to obscure the trail. The attacker sold stolen H tokens through Kyber Network and PancakeSwap. On BNB Chain, the attacker minted 100M H tokens and transferred them to a fresh wallet. As of latest data, the attacker held approximately 18,079 ETH (~$30M) and 2,443 BNB, with approximately 111.36M $H tokens (~$14M) still held ready to sell. No funds recovered.