My Mintos Account Was Hacked: €18,000 Gone in Two Hours

Author avatar By Samuel, 11 December 2024

The following report was submitted by a reader who wishes to remain anonymous but has shared their full details with us prior to publication. The opinions and experiences expressed are solely those of the reader and do not necessarily reflect the views of BeyondP2P:

I’ve been an active investor in P2P lending for years, exploring various platforms and asset classes, but Mintos has been my primary choice since 2015. That was until something shocking happened recently. I’m going to share my story to warn others and raise awareness about serious security flaws that could affect other Mintos investors.

A few weeks ago, my Mintos account was hacked. The attackers didn’t just gain access; they went further, creating a fake bank account in Slovakia under my name without my knowledge. Here’s how it unfolded:

  1. They deposited a small amount from the fake account under my name to make it look legitimate.
  2. They liquidated a substantial portion of my portfolio, mostly auto-invest investments.
  3. Finally, they withdrew over €18,000 across 3 quick euros transactions as they liquidated my portfolio.

These 3 actions all happened within less than two hours during the night.

What’s truly alarming is how Mintos handled this situation. These massive, high-risk withdrawals were processed instantly. No checks, no delays, no additional security verifications, even though they followed the suspicious addition of a new beneficiary. Most financial institutions would flag or slow down such actions, yet Mintos processed everything without hesitation.

When I reported the fraud, their response was to blame me for not enabling two-factor authentication (2FA). But here’s the catch: Mintos doesn’t mandate 2FA, not even for critical actions like adding a new account or making large withdrawals, which are both processed immediately nonetheless. While I understand the importance of 2FA, Mintos cannot dismiss their responsibility so easily and shift all the blame onto the investor. Allowing users to proceed without 2FA, permitting simple passwords, and failing to implement verification or monitoring protocols are glaring shortcomings that directly enabled this attack to succeed. This is not just about user error, it’s a failure of Mintos’ system.

After digging deeper, I learned I wasn’t alone. Other investors have experienced eerily similar attacks. Another investor I spoke with following my Reddit post experienced the same pattern, as does a third one according to a two-year-old review on Trustpilot: a compromised Mintos account, a fake bank account in another country, and portfolios drained within hours. Many of us, including myself, used strong, unique passwords, so the idea that this is solely user error doesn’t add up.

Despite being aware of these systemic vulnerabilities, Mintos has refused to compensate me or other victims. They’ve taken no steps to strengthen fraud detection for that known attack pattern, enforce 2FA, or introduce verification protocols and delays for high-risk transactions. It’s negligence, plain and simple. If other financial platforms can prioritize security, why can’t Mintos?

I’m now collaborating with other victims to explore collective legal action to obtain compensation for our losses, but I also believe the community needs to know about these risks. By sharing my story, I hope to warn other investors, push for stronger security measures, and hold Mintos accountable.

If you’ve faced something similar or have advice on the best next steps, please reach out to me at investorscomplaintmintosfraud@gmail.com. Together, we can demand better and ensure platforms like Mintos treat investor security with the seriousness it deserves.

Made with 🍅🥖️ near Barcelona

Legal Notice

This is not an offer to invest. Investing in financial instruments involves risk. No investment is guaranteed, and there is always a risk of partial or full loss of invested funds. This information is not investment advice or a recommendation. All investment decisions shall be made by you independently, taking into account all your personal circumstances. BeyondP2P earns commissions from platforms when you sign up through our affiliate links. This can influence how prominently platforms are displayed, but we strive not to let it influence us on how we write about them.

© 2025 beyondp2p.com