Kontigo, the stablecoin neobank focused on emerging markets, detected an unauthorized access on January 5 that affected 1,005 users’ funds totaling US$340,905 in USDC. The fintech, which had just announced the closing of a US$20 million seed round two weeks ago, responded immediately by committing to refund 100% of the impacted amounts.
The incident comes amid a period of growth for the startup founded by Jesús Castillo and Gino Guatavita in 2023. The company reached US$30 million in annualized revenue, processed more than US$1 billion in payment volume and surpassed one million active users in less than 12 months.
The case of Kontigo becomes a relevant example for founders about how external factors can impact the momentum of a startup that is on the rise, but also about the importance of transparent communication in times of crisis.
How Kontigo responded to the security breach
Kontigo immediately isolated the involved systems and activated security protocols upon detecting suspicious activity. Kontigo’s security team conducts a thorough infrastructure review. In official statements published on social networks, the fintech confirmed that it identified 1,005 affected users with a total of USDC 340,905.28 in impacted funds.
Kontigo’s response to the security breach offers a case study in crisis management in the startup ecosystem. Instead of downplaying the incident or delaying communication, the company opted for immediate transparency with regular updates every few hours.
This communication strategy contrasts with other cases in the crypto industry where companies take days to recognize security breaches. Kontigo published specific numbers on affected users, impacted amounts, and clear refund commitments, reducing speculation and maintaining the trust of its community.
Closing of round before the incident
The timing of the security breach is particularly significant. On December 22, 2025, just two weeks before the incident, Kontigo announced the closing of a US$20 million seed round led by FoundersX Ventures, with participation from DST Global, Soma Capital, Coinbase Ventures, Y Combinator and other prominent funds in the fintech ecosystem.
This investment valued the company at US$100 million and was intended to expand teams, launch additional features and accelerate expansion efforts. The incident exemplifies how external factors can interrupt the momentum of a startup on the rise. Kontigo had just announced impressive metrics and closed a round, but a cyber attack within days can change the narrative completely.
Lessons for founders: when everything is going well until it isn’t
Kontigo’s case illustrates an uncomfortable reality of entrepreneurship: success does not guarantee immunity from external crises. A startup can perfectly execute its strategy, raise capital from tier-one funds and achieve exponential traction, but external events such as security breaches, regulatory changes or macroeconomic crises can radically alter the trajectory.
The difference is in how you respond. Castillo publicly took full responsibility for the incident, calling it a direct attack on the platform’s leadership and its customers. He warned that they “know” who the attackers are and that “they will not go unpunished”, showing determination without compromising the seriousness of the response and transforming a potentially devastating crisis into a test of resilience.
For other founders, the incident underscores the importance of maintaining sufficient capital reserves, investing in robust security infrastructure early on, and developing crisis communication protocols before needing them. In fintech and crypto, where trust is everything, the speed and transparency of the response can determine whether a startup survives an attack.
