South Korea’s fourth largest Ethereum and Bitcoin cryptocurrency exchange company lost “billions” of won to cyber hacking.
Bithumb is considered to be one of the busiest exchanges today. The company is the fourth largest cryptocurrency exchange in the world in terms of volume and the second largest Ethereum exchange company, next to China’s OKCoin.
Currently, Bithumb holds over 75% of South Korea’s bitcoin market by volume and facilitates more than 13,000 worth of bitcoin trades daily. The company also owns 44% of the country’s total Ethereum trade.
On Friday, the state-run Korea Internet & Security Agency received a report from Bithumb that the company suffered from customer data leakage. Yonhap News, a local news agency, reported that the security firm has already teamed up with the Korea Communications Commission to investigate the hacking incident.
The security breach affected only 3% of Bithumb’s customers. However, local media reports said that affected customers suffered financial damages after their information was leaked. Based on a survey of people who claimed to lost money, the monetary damages range from a million up to 1.2 billion won. Specific details of the hacking incident are still limited, but it is estimated that more than 30,000 customers were affected.
As of writing this, Kyunghyang Shinmun, another local newspaper, reported that around 100 users already filed their complaints with the National Police Agency.
In a statement released by Bithumb on their website, the company claimed that an external infringement accident caused the hacking incident. The company assured its clients that the server, internal network, virtual wallet, and all members’ original and virtual currency deposits are kept safe.#Bithumb hacked! All confirmed victims get monetary compensation.Click To Tweet
No Direct Access to Bithumb Accounts–Hackers Resort to Voice Phishing
Bithumb clarifies that only a single person’s computer was hacked and not the entire company network. While some victims claim that their accounts were wiped empty of funds, the company states that it is impossible for the hackers to access user accounts directly.
On a statement provided to Brave New Coin, Bithumb said:
“The employee PC, not the head office server, was hacked. Personal information such as mobile phone and email address of some users were leaked. However, some customers were found to have been stolen from because of the disposable password used in electronic financial transactions.”
Apparently, hackers have been calling the victims saying that they are from Bithumb.
To gain access to their accounts, the culprits inform the victims of a suspected account breach and ask for their identification number–a one-time password provided by Bithumb. Once the hackers received a victim’s password, they access the account immediately and steal all the funds.
On Monday, Bithumb released a statement informing the victims that the company will provide compensation amounting to 100,000 won per person. Bithumb also stated that those who suffered additional damages would receive reimbursement amounting to the entire amount of damages.
This is not the first incident of cryptocurrency exchange hacking in South Korea. A few months ago, Bitcoin exchange company Yapizon was hacked, and over 3816.2028 Bitcoins were stolen.
Cryptocurrency has no legal standing in South Korea. Thus, the question of whether a Bitcoin exchange company can be kept liable in cases like hacking is still an issue in the country.