XTB Boosts Cybersecurity Measures After Client Hack Claims

XTB boosts cybersecurity measures after hack incident, ensuring safer trading with refunds and mandatory two-factor authentication.

Home » XTB Boosts Cybersecurity Measures After Client Hack Claims

XTB boosts cybersecurity measures after hack incident, ensuring safer trading with refunds and mandatory two-factor authentication. Retail brokerage app XTB has pledged to refund every client who incurred losses due to cyberattacks, following a widely shared account from a Polish investor who reported losing about 150,000 zlotys ($38,000) in a hacking incident.
The Warsaw Stock Exchange-listed firm (WSE: XTB) confirmed that the reimbursements would not impact its financial performance and revealed plans to upgrade its cybersecurity infrastructure in the near future.

XTB Boosts Cybersecurity Measures Following Viral Hacking Incident

According to internal figures, just 0.017% of XTB’s user base fell victim to the cybercriminal activity. None of those affected had enabled two-factor authentication (2FA), underscoring the need for enhanced security protocols.
XTB clarified that the total value of client reimbursements is not expected to influence its financial results materially but did not disclose an exact amount. Direct communication with affected users will begin shortly to coordinate the refund process.
“Our strategy is to offer the best investment application for managing investments both passively and actively,” said CEO Omar Arnaout. “We want our clients to be confident that they can safely invest in the XTB app with long-term goals or additional retirement in mind.”
The statement comes shortly after XTB’s Q2 earnings preview, highlighting 361,000 new clients and a net profit of PLN 2.165 billion, significantly above analysts’ estimates of PLN 230–240 million.

Security Upgrade Triggered by Public Backlash

The announcement follows intense scrutiny after the client’s story circulated widely on Polish finance forums and media. The user detailed how hackers used simultaneous buy-sell orders on illiquid stocks, draining his account while enriching a second account. This triggered public concern over XTB’s security and client protections.
XTB’s shares plunged over 6%—their steepest one-day drop this year—before rebounding nearly 3%.
In response, XTB stated that its cybersecurity budget has surged 48% in 2024 compared to 2023, and CEO Arnaout assured that these investments would continue to rise in future.

Two-Factor Authentication Now Mandatory in More Markets

XTB began rolling out 2FA options in 2024, first through SMS verification. In July, following the hacking report, it added app-based one-time passcodes using tools like Google Authenticator and Microsoft Authenticator.
Mandatory 2FA has now been implemented for Polish users and will soon extend to clients in Spain and the Czech Republic. Additional European markets will follow, with 2FA enabled by default for all new accounts starting in Q4.
Company figures show only about 10% of customers currently use 2FA, suggesting more awareness is needed.

The refund initiative reflects growing cybersecurity concerns as financial platforms across Europe face escalating threats. A recent European Central Bank study flagged the financial sector as especially prone to attacks involving unauthorized logins and data breaches.
XTB is developing new features such as instant session logout, app-based account blocking, and improved behavioral monitoring.
“We understand that the financial industry must stand out with the highest standards of security and trust,” Arnaout said. “After all, institutions like XTB are where clients’ money works.”
The broker also pointed to sector-wide challenges, referencing Polish cybersecurity agency data showing 103,449 unique security incidents in 2024—a 29% year-on-year increase.

For more broker reviews, visit: Broker Reviews.

Leave a Reply

Your email address will not be published. Required fields are marked *