Ice Open Network reported on April 15 that four former partners tied to a third‑party service provider accessed an external identity server and leaked user emails, 2FA phone numbers and other identity‑linked data. The team says this was insider misuse of outsourced operations (not a protocol hack); funds, private keys and wallets remain safe. The company has filed complaints with the Information Commissioner’s Office and is pursuing legal action; a technical migration on April 21 aims to strengthen security but may cause temporary Online+ disruptions. The incident follows an April 7 $ION token crash (93% drop) blamed on a service‑provider token dump; the team has cut costs 89%, reduced headcount and issued an 8‑week recovery roadmap. The breach arrives amid a wider spike in crypto incidents (~$606M lost across protocols in early April 2026).

Negative sentiment is driven by confirmed insider access to an identity database leaking emails and 2FA phone numbers and the connection to prior token market disruption (April 7 $ION 93% crash blamed on a service‑provider dump). Impact is moderate because the team says wallets/funds were not compromised and legal/technical remediation (ICO complaint, migration) is underway, but the breach and prior market crash create plausible short‑term selling pressure.