Copper.co, the leading provider of institutional digital asset custody and trading solutions, issues the following statement in response to allegations of a potential security breach in 2022.

At the end of 2022, Copper was informed by one of its vendors that they had detected some concerning behaviour in their development environment. The vendor advised the Company, along with a number of their other clients, that a machine-generated alert had been triggered. This resulted in Copper conducting immediate security investigations in order to understand what had happened as is normal protocol with any security alert. The subsequent investigation determined that Copper hadn’t suffered any breach or business interruption and that no client information had been compromised.

The incident was not of a nature that required disclosure with applicable law or regulations, operations continued to run smoothly and caused no further concern to the Company.

The results of Copper’s analysis confirmed that:

• Copper’s environment and infrastructure were not compromised.

• No clients were compromised.

• No business interruption occurred.

• No data is known to have been lost.

• No vulnerability was detected inside Copper's framework.

• Copper was advised about the detection of vulnerability alongside a number of other users of an external environment; this was not specific to Copper.

• The incident was not required disclosure in accordance with applicable law or regulations.

Copper’s commitment to the highest levels of security remains and it continues to focus on servicing its customers.

- ENDS -