diff --git a/CHANGELOG.md b/CHANGELOG.md
index 99806e50735..a7b997fa2ed 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -73,3 +73,4 @@ Released with 1.0.0-beta.37 code base.
 - Ensure the immutability of the `tx` object passed to function `signTransaction` (#2190)
 - Gas check fixed (#2381)
 - Signing issues #1998, #2033, and #1074 fixed (#3125)
+- Fix hexToNumber and hexToNumberString prefix validation (#3086)
diff --git a/packages/web3-utils/src/utils.js b/packages/web3-utils/src/utils.js
index 15fff414446..0b86407e7d4 100644
--- a/packages/web3-utils/src/utils.js
+++ b/packages/web3-utils/src/utils.js
@@ -230,6 +230,10 @@ var hexToNumber = function (value) {
         return value;
     }
 
+    if (_.isString(value) && !isHexStrict(value)) {
+        throw new Error('Given value "'+value+'" is not a valid hex string.');
+    }
+
     return toBN(value).toNumber();
 };
 
@@ -243,6 +247,10 @@ var hexToNumber = function (value) {
 var hexToNumberString = function (value) {
     if (!value) return value;
 
+    if (_.isString(value) && !isHexStrict(value)) {
+        throw new Error('Given value "'+value+'" is not a valid hex string.');
+    }
+
     return toBN(value).toString(10);
 };
 
diff --git a/test/utils.toNumber.js b/test/utils.toNumber.js
index ccc519a30cd..a1d7767557d 100644
--- a/test/utils.toNumber.js
+++ b/test/utils.toNumber.js
@@ -2,14 +2,22 @@ var assert = require('assert');
 var utils = require('../packages/web3-utils');
 
 describe('lib/utils/utils', function () {
-    describe('hexToNumberString', function () {
+    describe('hexToNumber', function () {
         it('should return the correct value', function () {
 
-            assert.equal(utils.hexToNumberString("0x3e8"), 1000);
-            assert.equal(utils.hexToNumberString('0x1f0fe294a36'), 2134567897654);
+            assert.equal(utils.hexToNumber("0x3e8"), 1000);
+            assert.equal(utils.hexToNumber('0x1f0fe294a36'), 2134567897654);
             // allow compatiblity
-            assert.equal(utils.hexToNumberString(100000), 100000);
-            assert.equal(utils.hexToNumberString('100000'), 100000);
+            assert.equal(utils.hexToNumber(100000), 100000);
         });
+
+        it('should validate hex strings', function() {
+            try {
+              utils.hexToNumber('100000');
+              assert.fail();
+            } catch (error){
+              assert(error.message.includes('is not a valid hex string'))
+            }
+        })
     });
 });
diff --git a/test/utils.toNumberString.js b/test/utils.toNumberString.js
index 680122cf461..6c4acaad9ee 100644
--- a/test/utils.toNumberString.js
+++ b/test/utils.toNumberString.js
@@ -9,7 +9,15 @@ describe('lib/utils/utils', function () {
             assert.equal(utils.hexToNumberString('0x1f0fe294a36'), '2134567897654');
             // allow compatiblity
             assert.equal(utils.hexToNumberString(100000), '100000');
-            assert.equal(utils.hexToNumberString('100000'), '100000');
         });
+
+        it('should validate hex strings', function() {
+            try {
+              utils.hexToNumberString('100000');
+              assert.fail();
+            } catch (error){
+              assert(error.message.includes('is not a valid hex string'))
+            }
+        })
     });
 });