Harmony's incident summary says the Horizon Bridge attacker began moving bridged assets on June 23, 2022, after compromising at least two of four bridge-validator private keys. The stolen USDC, ETH, USDT, BNB, and other assets were funneled through wallet hopping and eventually into Tornado Cash while Harmony worked with Chainalysis, AnChain, exchanges, and the FBI. Harmony assessed the event as a coordinated attack against internal infrastructure rather than a smart-contract or protocol compromise, citing suspected phishing, malicious software on a developer laptop, access to non-public bridge infrastructure code, and backdoor access to servers. The report also describes post-incident measures including halting Horizon, pausing and hardening the Bitcoin bridge, expanding key sets, and tightening cloud-security controls.