The second quarter of 2026 set a record for the number of hacks in the crypto industry: 83 incidents and $755 million in losses.

Data analysis for the second quarter of 2026 reveals a troubling trend: 83 crypto protocol hacks were recorded — an absolute record for the number of incidents in history. The total damage amounted to $755.3 million, which, however, is not the highest figure in terms of loss volume.
The largest attacks were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit for $280 million. In the cross-chain bridge segment, damage reached $351 million, with 38% of that amount attributed to the LayerZero OFT bridge incident, which was linked to the KelpDAO attack. Another 37% of losses in this segment were caused by compromised administrative access and token price manipulation. Private key theft accounted for only 5.66% of total damage.
Despite the record number of hacks, the second quarter of 2026 was not the most expensive in terms of loss volume. The record is still held by the fourth quarter of 2020, with damages of $3.56 billion. The decline in average damage amid an increase in the number of incidents points to structural changes in the ecosystem: total value locked (TVL) decreased from $164 billion to approximately $73 billion, reducing the volume of liquidity available for attacks.
Experts attribute this dynamic to a gap between the pace of protocol development and the maturity of their risk management systems. For example, some projects use a "three-of-six" multi-signature scheme but store three keys on a single laptop, making them vulnerable. In May, THORChain developers confirmed a $10 million hack, after which they suspended the protocol's operations, including trading options and liquidity pool activities. On June 8, unknown attackers compromised the wallets of the Humanity Protocol project, causing $31 million in damage.
My analysis: The current situation highlights that the industry is facing not isolated "giant" attacks, but a constant stream of small and medium-sized incidents. This is a signal for projects: it is necessary not only to increase liquidity but also to radically improve security practices; otherwise, frequent hacks will undermine user trust.