Humanity Protocol exploit drains $32M, H token crashes 89%!

Wallets linked to Humanity Protocol have been drained of over $32 million in an ongoing exploit, onchain analyst Specter flagged on Monday. Initial estimates placed losses at around $5 million across 17 affected wallets, but a follow-up update confirmed the total had widened sharply. Of the stolen funds, $23.7 million has already been swapped for Ethereum, while approximately $7.9 million remains in Humanity's native H token.

Terence Kwok, founder of Humanity Protocol, acknowledged the breach on X, attributing it to the compromise of private keys belonging to a member of the Humanity Foundation. "We're already working with security experts and our exchange partners on resolution," Kwok wrote. "We're deeply sorry — protecting this community is our responsibility."

Why it matters

Humanity Protocol is a decentralized identity verification project that uses biometrics and zero-knowledge proofs to let users prove their humanness without exposing personal data. A private key compromise at the foundation level — rather than a smart contract vulnerability — raises serious questions about operational security practices at projects handling sensitive identity infrastructure. Specter noted the root cause remains unknown but that affected wallets appear to share a common exposure tied to Humanity Protocol.

Market impact

The H token has collapsed 89% in the past 24 hours, according to CoinGecko data, as news of the exploit spread. The rapid conversion of $23.7 million into Ethereum signals the attacker is actively liquidating, which could sustain selling pressure on H in the near term. Investors should watch for further updates from Kwok and any exchange-level freezes on H token withdrawals as the situation develops.