What Bybit’s $1.5B Hack Can Teach Every CEO About Crisis Management

It’s every CEO’s worst nightmare: discovering you've lost $1.5bn to North Korean hackers. 😱

That’s exactly what happened to Ben Zhou, CEO of Bybit, the Dubai-based cryptocurrency exchange hit with one of the largest hacks in crypto history.

But instead of panic, deflection, or silence, Zhou turned the crisis into a masterclass in leadership and communication.

Now, I’m not in the crypto space, so I won’t go down the rabbit hole of how the breach happened. But as someone who’s spent years advising leaders on executive branding and crisis comms, Bybit’s handling of the situation caught my attention.

What Happened?

🔶 What: On 21 Feb, Dubai-based cryptocurrency exchange Bybit was hit with one of the largest hacks in crypto history. Hackers infiltrated an Ethereum cold wallet, pilfering 401,347 ETH ($1.5bn).

🔶 How: The breach occurred during a routine transfer. Hackers used a sophisticated technique to mask the signing interface for unauthorised access

🔶 Why: The attack is suspected to be the work of North Korea’s Lazarus Group, potentially funding their nuclear programme.

🔶 So what: This breach sent shockwaves through the crypto world, highlighting persistent vulnerabilities in the space.

How Bybit (and Ben Zhou) Got It Right

Now, here’s how Ben Zhou really stood out, and why CEOs and comms teams in the non-crypto space should pay attention too:

1️⃣ Transparency and communication

Ben immediately owned the situation, addressing the community within 30 minutes. Bybit created a live stream, providing updates to calm users — and ensuring that Bybit remained the primary source of information.

2️⃣ Reassurance to users

Ben assured users that only one cold wallet was affected and that Bybit had the financial capacity to cover losses with over $20bn in assets under management, and through bridge loans from its partners.

Even when the bank run surged to $4bn, they confirmed all withdrawals would be processed — helping to stem a further liquidity crisis.

3️⃣ Collaboration with authorities and experts

Bybit worked with law enforcement and blockchain experts and researchers to track the stolen funds. They immediately got the right parties involved instead of covering things up.

4️⃣ Sense of humour

My favourite bit: Despite the gravity of the situation, Ben played it cool. The day after the breach — which he discovered at 10pm in Singapore, where he is based — he posted on X a screenshot of his fitness tracker showing normal stress levels, despite not getting any sleep. "Forgot to stress", he wrote. 😆 

💡 The Big Takeaway

This wasn’t just a story about a crypto exchange getting hacked.

It was a real-time case study in crisis leadership, reputation management, and trust-building.

Bybit didn’t crumble. They communicated, reassured, acted fast — and turned a potential catastrophe into a moment of brand resilience lauded by industry peers, and beyond.

For CEOs, founders, and comms teams across all industries, the lesson is clear: How you handle a crisis is just as important as how you prevent one