CoinStats attributed its June 22, 2024 wallet breach to Lazarus Group or a related nation-state-level organization after reviewing evidence with law enforcement and security researchers. The attacker gained unauthorized access across CoinStats infrastructure and service providers, including HashiCorp Vault holding CoinStats Wallet 2FA PINs and a third-party wallet service provider API. The intrusion exposed private keys for 1,590 CoinStats Wallets and led to about $2.2 million in stolen cryptocurrency, while CoinStats said connected wallets and exchange accounts used only for portfolio tracking were not affected.