Major Korean Crypto Exchange Bithumb Prosecuted for Failure to Protect User Data

Published at: June 21, 2019

South Korean crypto exchange Bithumb has been prosecuted for its alleged failure to take adequate measures to protect personal information, which was later presumably exploited by hackers to steal funds from the platform. The news was reported by Cointelegraph Japan on June 19.

Prosecutors allege the data breach led directly to the second hack affecting the platform, in which almost $7 million in user funds was stolen.

As Cointelegraph has previously reported, Bithumb first notified authorities of a major data breach in late June 2017, thought to have affected around 31,000 exchange user accounts.

The data leak is believed to have originated from the computer of an unidentified company employee. Alleging that the exchange failed to implement adequate data security measures, prosecutors have charged Bithumb under the information protection article of Korea’s Information Communication Network Act, Cointelegraph Japan reports.

The leaked data of 31,000 Bithumb user accounts in 2017 reportedly included user names, phone numbers, email addresses and crypto transaction histories. Customer IDs and passwords were not, however, compromised.

Specifically, prosecutors accuse Bithumb of having stored customer data on employee computers without encryption, as well as failing to install security update software.

Bithumb issued a formal apology on April 19th, pledging to do its best to protect customers but countering prosecutors' claims of a direct connection between the data breach and subsequent hack.

This spring, Bithumb suffered its third major hack and lost approximately $13 million in an incident executives have claimed was masterminded by an insider.

A prior hack in summer 2018 was initially thought to have resulted in the loss of as much as $31 million, a figure later reduced to $17 million.

In the wake of this spring’s latest breach, Bithumb conducted a third-party audit of its funds, stating that the stolen cryptocurrency (EOS tokens) were company funds and that it had moved all remaining tokens to cold wallet storage after the incident.

As recently reported, 2019 has thus far seen seven crypto exchanges suffer large-scale hacks, among them leading crypto exchange Binance.

Tags
Related Posts
Korean Court Acquits Crypto Exchange Bithumb After Investor Filed Lawsuit Over $355K Hack
South Korean crypto exchange Bithumb has won a lawsuit in which an investor had sued the company for his loss of around $355,000 in an alleged hack. Local financial newspaper The Korea Economic Daily reported on the outcome on Dec. 24. According to the report, the investor — 30 year old civil servant Ahn Park — alleged he had been the victim of a hack of his Bithumb account on Nov. 30, 2017, which resulted in a loss of 400 million Korean won, or around $355,000. Within hours of making his won deposit, Mr. Park alleged an unidentified hacker had …
Ethereum / Dec. 26, 2018
Bithumb found ‘partially liable’ for a 2017 hacking incident
A judge in the Seoul Central District Court dismissed two claims filed by individuals against the controversial crypto exchange, Bithumb. The individuals were seeking $126,000 and $38,000 respectively for damages related to a data breach incident back in 2017. According to Fn News, plaintiffs Hong and Seo (both named only by their surname) stated that they had lost money due to a phishing attack using private data that was extracted in a hack of Bithumb. The third claimant, Jang, was granted $5,000 to cover his total loss. This amount reflects a much lower dollar value than his initial $27,200 claim. …
Bitcoin / Sept. 3, 2020
Signs Point to Inside Job in Upbit Crypto Exchange Hack, Says Commentator
Following the theft of 342,000 Ether (ETH) ($50 million) from major South Korean crypto exchange Upbit, some commentators have suggested that the hack was actually an inside job. As Cointelegraph contributor Joseph Young tweeted on Nov. 27: “The ‘hacker’ timed when UPbit was making crypto transfers to its cold wallet (other alts like TRON, etc.). Hence, I think the probability of it being an inside job is higher than external breach.” Hacker’s timing was advantageous As Cointelegraph reported, the incident was confirmed in an official statement published earlier today, which read: “At 1:06 PM on November 27, 2019, 342,000 ETH …
Ethereum / Nov. 27, 2019
Crypto Exchange Upbit Finishes Security Update in Response to 2019 Hack
Strengthening its walls after a hack in late 2019, South Korean crypto exchange Upbit has finished a security upgrade for the wallets on its exchange platform, restoring functionality once again. Upbit decided to update its defenses in response to an Ethereum (ETH) hack the exchange suffered in 2019, an Upbit representative confirmed to Cointelegraph in an email on Jan. 14, 2020, adding: “It is part of our effort to increase Upbit’s overall security since the Ethereum theft incident last November. Immediately following the incident, we suspended deposit/withdrawal services and transferred all crypto-assets to cold wallets. Since then, we’ve been revamping …
Ethereum / Jan. 15, 2020
Singaporean Exchange Bitrue Gets Hacked, Losing $5 Million in XRP, Cardano
Singapore-based crypto exchange Bitrue has suffered a major hack, losing 9.3 million XRP and 2.5 million cardano (ADA) from its hot wallet. The news was revealed in an official statement from the exchange published as a twitter thread on June 26. At the time of the breach — 1 a.m. GMT+8 June 27 — the stolen funds would have been worth over $4.5 million in XRP (valued at $0.488) and $237,500 in ADA (valued at $0.095), according to CoinMarketCap data. The exchange states that a purportedly single hacker first “exploited a vulnerability in our Risk Control team's 2nd review process …
Altcoin / June 27, 2019