How Bybit did not waste a good crise

George Godsal is the Managing director at REKT partners.

The number one concern of any crypto exchange is a large hack. Bybit has the unenviable distinction of having suffered the biggest hack ever in an industry plagued by hacking. The scale of the breach at a major exchange was immediately reported in mainstream media around the world. It has dominated cryptomedia and X over recent days.  

The drama unfolded in Asia on the evening of Friday, November 30, and a few factors characterized this hack as being different. First, the sheer size and audacity of successfully exfiltrating over 400,000 ETH—valued at around $1.5bn at the time—from the world’s second-largest crypto exchange.  

Moments like this often make me hide behind the couch, for fear of the inevitable communications response. But Bybit’s reaction—led from the start by the remarkably cheery, calm, and controlled CEO and co-founder Ben Zhou—was refreshingly transparent, professional, and exhibited remarkable leadership. It has been pretty much exemplary for any business of its scale, regardless of sector, and even more so considering the crypto industry’s historical track record. A true marker of the sector’s maturation—albeit a sorry reminder that even leading exchanges remain susceptible to grand-scale hacks.  

Crypto communications from a professional perspective

For transparency, I have never had any relationship with Bybit—whether professionally or personally—so all observations I make are from an outsider’s perspective, which I’m always wary of doing. Bybit’s positive approach is worth highlighting. In my experience, crypto business leaders have often put too little focus on crisis communication or robust reputation management.  

The old adage of the three Cs that should guide crisis communications—namely Care, Control, and Commitment—was perfectly executed by Bybit.  

These guiding principles have run like a bright red thread through every stage of this crisis—and it’s not over yet. From Zhou’s immediate transparency and clarity on the scale of the hack to an early livestream that demonstrated remarkable control and composure, to regular updates on the response from both Zhou and Bybit’s official channels—including updates on ETH replenishment—to the high-profile launch of the Lazarus Bounty siteThis campaign is designed to rally support against hackers who are laundering stolen funds.  

Bybit deserves credit for its professional and comprehensive response. Bybit’s professional response has helped to mitigate the negative impact and has laid the groundwork for a reputation recovery. Trust, transparency and leadership are now strongly associated with the Bybit name. This is an impressive achievement, and a great example of Winston Churchill’s famous quote: “Never waste good crisis.”  

Bybit’s positive response also benefits the wider crypto community. The industry has demonstrated that it can unite to combat the ongoing scourge that is hacking, in a manner that highlights the maturity of the crypto-ecosystem.  

So, for crypto companies busy reviewing their own crisis response protocols this week—and if you’re not, you certainly should be—what communications lessons can everyone take from this?  

Rapid Response

The number one reputation risk to any exchange is an exploit, so we shouldn’t be surprised when an exchange responds as well as Bybit—although, let’s face it, we are. Although the details need to filled in immediately, the communication for any crisis situation, such as hacking and other major risks, needs to be planned ahead. A clear plan should include team responsibilities, timelines, and task-checklists. The damage to your reputation can start within seconds, and it will only get worse. Response systems should be designed and tested regularly and updated in order to be able react as quickly.  

Transparency & Message Authenticity

Bybit’s immediate transparency—led by Zhou and echoed by its official channels—helped build trust and gave a sense that, despite the hack, they were in control of the response. Users were immediately onboard. The crypto community has a particular aversion to corporate speak, so Zhou’s calm, controlled, no-bullsh*t tone was pitch-perfect. It is helpful to maintain a sense humor, when appropriate.  

Leading

Zhou—already a prominent and popular figure in the crypto industry—will now be added to the list of brilliant communicators in a time of crisis. The remarkable calmness of Zhou has been widely praised, bringing confidence to the overall response. Leading from the front with a livestream just hours into the incident—and in the middle of the night for him—was a masterstroke.  

Bybit’s ability to balance regular updates on the official channels with Zhou’s own personal updates gives a strong sense of resilience and strength. (Contrast this with how FTX handled platform downtime issues back in the day, where Sam Bankman-Fried was often the only person providing updates—creating the impression that he was single-handedly managing customer service, communications, and tech.)  

The Hot Button for Withdrawals

Users are sensitive to any change in withdrawals. When withdrawals are suddenly stopped, it can create panic on the market. In the heat of a crisis, this is a distracting internal debate, so it’s better to have a clear operating procedure to assuage concerns—one that’s carefully constructed and communicated during peacetime.  

Stay Visible

Bybit’s team has had a much-needed break, but the crisis is not over just because it’s cooled down. The team continued to communicate after the initial crisis, showing that they were in control of the situation and determined to see it to the end. Zhou provided regular updates, as well as high profile podcasts.  

Beware of follow-up issues

Bybit handled the crisis well, from a communication perspective. However, any entity that experiences a major issue is more vulnerable to future issues, no matter how small. Bybit needs to be extra vigilant as the media and crypto community are likely to pay more attention to minor issues.  

Don’t misjudge when you think the crisis is over

The team in charge of the crisis may feel that the crisis is over, but this does not mean the users who are already using your product or service have forgiven you. To avoid negative backlash, proactive marketing campaigns need to be stopped immediately during a crisis. Should Bybit promote user signups in conjunction with blog posts on the hack? I don’t believe so.  

Contagion risk

Contagion is one of the most underestimated risks that should be considered. Just because you’re one or two steps removed from— in this instance—the largest hack in crypto history doesn’t mean you’re immune to reputation backlash.

Entities such Ethena Labs You can also find out more about the following: Chainflip Protocols were in the spotlight. The former described this as “what was thought to be the worst-case scenario” for USDe, and the latter disabled its front-end temporarily to prevent the influx of hacked money through its swapping services. Ethena is on the offensive, using the crisis to demonstrate its strength and combat perceived weaknesses by publishing a Case study on the impact of this hack—a classic judo move that should be applauded.

Final Thoughts

Bybit has provided a masterclass in crisis response—proactive, transparent, and well-led. They have the chance to not only recover, but to emerge stronger if they maintain the same level of vigilance over the next few months. In a broader sense, their response sets a new standard for the entire cryptocurrency industry. Hacking is a constant and serious risk for the crypto industry, but Bybit’s response has shown that the way a company reacts can be the difference between a reputational collapse or resilience.