The token of Humanity Protocol, a blockchain project focused on biometric Proof-of-Humanity verification using palm scans and zero-knowledge proofs, lost nearly 90% of its value within hours on Tuesday after attackers drained tens of millions of dollars from wallets linked to the project.
The losses exceeding $30 million (with some estimates reaching $31M–$32M+). The $H token price collapsed from recent highs near $0.73–$0.85 to as low as $0.05–$0.08. The incident did not involve any smart contract vulnerability. Instead, it stemmed from compromised private keys belonging to a member of the Humanity Foundation, according to the project team.
We’re aware of a security incident involving the compromise of private keys belonging to a member of the Humanity Foundation. The safety of our community is our top priority, and we want to be fully transparent about what we know.
As a precaution, please do NOT interact with the…— Humanity (@Humanityprot) June 9, 2026
Private key compromises remain one of the most damaging attack vectors in crypto, as attackers can gain direct control over project-linked assets without exploiting the underlying protocol. Similar concerns were recently highlighted during the TesseraDAO hack, where a security incident led to millions in losses and significant pressure on the TSR token.
PeckShield first flagged large-scale draining activity across multiple wallets (around 17–19) that had previously interacted with Humanity’s contracts, bridges, and staking pools. On-chain investigator SpecterAnalyst identified several drained wallets, including:
- 0x456Cb73b35022E4B524e5510807776453d984AeF
- 0xee4B6B8967Aa947ac3aEf540eE07ea6099C566F7
- 0xAf2a4989922299EB14A29E332dad1012A8aaD3A0
- 0x1dfe5cF3ED5a0AC82FDD0bFCdaC7B6C6323f844a
- 0xD1ea823D421E0c829ee11F772AF487fd352678EA
(Additional wallets were also affected.)
The attacker swapped the stolen $H tokens into ETH and BNB. On-chain data shows the hacker converted roughly 187 million $H tokens. The attacker also minted approximately 100 million additional $H tokens on BNB Chain during the incident.
In an official statement, Humanity Protocol confirmed the breach originated from a Foundation member’s private keys. Founder Terence Kwok emphasized that the core protocol and smart contracts were not exploited. The team advised users to immediately avoid bridges and liquidity pools, revoke token approvals, and rely only on verified official channels for updates. They are currently working with security firms and exchanges to contain the damage and track the funds.
The incident occurs shortly after the project experienced strong momentum in the Proof-of-Humanity and AI-identity sector. In recent weeks, $H had emerged as one of the stronger-performing tokens in the market, outperforming several notable assets including Audiera, DEXE, and JST amid growing investor interest and ecosystem developments. The project had also announced recent integrations and a revised vesting schedule that included an early unlock option for some investors around June 25. However, Tuesday’s security breach abruptly reversed that momentum and triggered one of the token’s sharpest declines since launch.
The incident occurs shortly after the project experienced strong momentum in the Proof-of-Humanity and AI-identity sector, along with recent integrations and a revised vesting schedule that included an early unlock option for some investors around June 25.
As of June 9, 2026, the $H token is trading at approximately $0.12 – $0.124, representing a ~83% drop in the last 24 hours. The token has lost nearly 90% from its recent all-time high near $0.84–$0.85. Market capitalization now stands at roughly $225 million (down significantly from pre-incident levels), with 24-hour trading volume surging to over $600 million due to intense panic selling. Trading volume for $H surged into the hundreds of millions as panic selling intensified. The sharp drop wiped out a large portion of recent gains. Liquidity providers and bridge users are at heightened risk, prompting the team’s strong warning to avoid project-related pools and bridges until further notice.
This event highlights a common vulnerability in crypto: even projects built on advanced identity and security narratives can be impacted by traditional private key compromises through phishing, malware, or operational security lapses. Humanity Protocol aims to provide verifiable unique human identities using palm-scan biometrics while preserving privacy. A security incident of this scale could temporarily challenge user confidence in the project and the broader Proof-of-Humanity narrative.
The breach also adds to a growing list of major crypto security incidents reported in recent months, reflecting how operational failures, wallet compromises, and cross-chain vulnerabilities continue to affect projects across the industry.
The foundation has promised a full investigation and post-mortem report. Key details still awaited include the exact permissions held by the compromised keys, the full extent of any minting activity, fund tracking, and potential recovery or compensation measures.
