The following is a guest post from George Godsal, Managing Director at REKT Partners.
It’s the number one fear of any crypto exchange: a massive hack. And in the case of Bybit, they have taken the dubious accolade of suffering the largest-ever hack in an industry blighted by hacking. Unsurprisingly, the scale of this breach at such a prominent exchange made immediate global mainstream news headlines, and has dominated crypto media and X for days.
But as the drama unfolded late last Friday evening Asia-time, a number of factors marked this as a very different kind of hack. First, the sheer size and audacity of successfully exfiltrating over 400,000 ETH—valued at around $1.5bn at the time—from the world’s second-largest crypto exchange.
Given the past performance of too many crypto businesses in times of crisis, moments like these often make me want to hide behind the sofa, fearing the inevitable car-crash communications response. But Bybit’s reaction—led from the start by the remarkably cheery, calm, and controlled CEO and co-founder Ben Zhou—was refreshingly transparent, professional, and exhibited remarkable leadership. It has been pretty much exemplary for any business of its scale, regardless of sector, and even more so considering the crypto industry’s historical track record. A true marker of the sector’s maturation—albeit a sorry reminder that even leading exchanges remain susceptible to grand-scale hacks.
Crypto communications professional perspective
For transparency, I have never had any relationship with Bybit—whether professionally or personally—so all observations I make are from an outsider’s perspective, which I’m always wary of doing. But the positive lessons from Bybit’s approach are worth spotlighting, particularly as, in my experience, leaders in crypto businesses have far too often placed way too little emphasis on robust reputation management and crisis communications.
The old adage of the three Cs that should guide crisis communications—namely Care, Control, and Commitment—was perfectly executed by Bybit.
These guiding principles have run like a bright red thread through every stage of this crisis—and it’s not over yet. From Zhou’s immediate transparency and clarity on the scale of the hack to an early livestream that demonstrated remarkable control and composure, to regular updates on the response from both Zhou and Bybit’s official channels—including updates on ETH replenishment—to the high-profile launch of the Lazarus Bounty site, which aims to galvanize support to stop hackers from laundering their stolen funds.
Yes, it’s possible to nitpick certain steps (proofreading Zhou’s initial tweet would have helped, for example), but it’s impossible not to credit Bybit for its all-round professional response. This has not only served to lessen the negative impact but has already laid the foundation for a strong reputation rebound, with trust, transparency, and leadership firmly associated with the Bybit brand. That is a remarkable achievement and a compelling example of Winston Churchill’s famous quote, “Never waste a good crisis.”
The positive impact of Bybit’s response serves the wider crypto community well too. It has shown that the industry can effectively rally to counter the continuing scourge of hacking in a way that emphasizes the maturation of the crypto ecosystem.
So, for crypto companies busy reviewing their own crisis response protocols this week—and if you’re not, you certainly should be—what communications lessons can everyone take from this?
Speed of Response
The number one reputation risk to any exchange is an exploit, so we shouldn’t be surprised when an exchange responds as well as Bybit—although, let’s face it, we are. While the specifics need to be filled in on the fly, all communications for all stages of a crisis, such as a hack and other top risks, should be drafted ahead of time, with a clear execution plan detailing team responsibilities, timeline, and task checklists. Reputation damage begins within seconds and compounds quickly, so response systems must be designed to activate just as fast and should also be routinely updated and tested.
Transparency & Message Authenticity
Bybit’s immediate transparency—led by Zhou and echoed by its official channels—helped build trust and gave a sense that, despite the hack, they were in control of the response. This got users onside from the outset. The crypto community has a particular aversion to corporate speak, so Zhou’s calm, controlled, no-bullsh*t tone was pitch-perfect. Maintaining a sense of humor throughout is also helpful, where appropriate.
Leadership
Zhou—already a prominent and popular figure in the crypto industry—will now be added to the list of brilliant communicators in a time of crisis. His remarkable composure has been widely referenced, instilling confidence in the overall response. Leading from the front with a livestream just hours into the incident—and in the middle of the night for him—was a masterstroke.
It’s important that crisis communications are not seen as a solo effort, and Bybit has balanced regular official channel updates with Zhou’s personal updates well, giving a sense of strength and resilience. (Contrast this with how FTX handled platform downtime issues back in the day, where Sam Bankman-Fried was often the only person providing updates—creating the impression that he was single-handedly managing customer service, communications, and tech.)
Beware the Hot Button of Withdrawals
Users are understandably extremely sensitive to any changes in withdrawals. If not handled properly, sudden cessation of withdrawals can strike panic into the broader market and cause a mass exodus when restored. In the heat of a crisis, this is a distracting internal debate, so it’s better to have a clear operating procedure to assuage concerns—one that’s carefully constructed and communicated during peacetime.
Stay Visible
The Bybit team may have had some much-needed rest by now, but just because the initial heat has died down doesn’t mean the crisis is over. They have kept communicating beyond the immediate crisis, demonstrating that they remain in control and are committed to seeing it through to the end. This has included regular updates and high-profile follow-up podcast appearances from Zhou.
Be Wary of Follow-Up Issues
Bybit may have handled this well from a communications perspective, but any entity that undergoes a major crisis becomes far more susceptible to other issues, even if they’re smaller in scale. Looking ahead, Bybit will need to remain extra vigilant, as the world’s media and the crypto community will be especially sensitive to previously minor issues.
Don’t Misjudge When You Think the Crisis Is Over
Just because the crisis feels over to the team handling it doesn’t mean existing and prospective users have also moved on, nor forgiven you. Proactive marketing campaigns should be immediately paused during a crisis and need to be reintroduced carefully to avoid backlash. Should Bybit be pushing user sign-ups alongside blog posts about the hack? I don’t think so.
Contagion Risk
Contagion risk is one of the most overlooked risks and should be planned for. Just because you’re one or two steps removed from— in this instance—the largest hack in crypto history doesn’t mean you’re immune to reputation backlash.
Entities like the Ethena Labs and Chainflip protocols found themselves in the spotlight, with the former describing this as “what many thought would be a worst-case scenario for USDe” and the latter temporarily disabling its front-end to prevent the flow of hacked funds through its swapping service. Ethena has got on the front foot, using this crisis as a demonstration of its strength and countering perceived weaknesses with the publication of a detailed case study on the impact of this hack—a classic judo move that should be applauded.
Final Thoughts
Bybit has provided a masterclass in crisis response—proactive, transparent, and well-led. If they maintain this level of vigilance in the coming months, they have the opportunity not just to recover but to come out stronger. More broadly, their response raises the bar for the entire crypto industry. Hacking remains a serious and ever-present risk to the crypto ecosystem, but Bybit has proven that how a company responds can make all the difference between reputational collapse and resilience.
The post How Bybit didn’t waste a good crisis appeared first on CryptoSlate.
