$31 000 000 USD

JUNE 2017




“Hackers have stolen user data … from Bithumb, one of the top five biggest Ethereum and Bitcoin cryptocurrency exchanges” “The exchange has a 75.7 percent share of the South Korean bitcoin market, with a daily trading volume of over 13,000 bitcoins. It is also the world’s largest ethereum market and accounts for around 44 percent of South Korea’s ether trading.” "A cyber attack late last week resulted in the loss of billions of won from customers accounts...Hackers succeeded in grabbing the personal information of 31,800 Bithumb website users, including their names, mobile phone numbers and email addresses." “At the time, Bithumb was the world’s fourth largest bitcoin exchange and the largest exchange in South Korea, accounting for over 75% of bitcoin trading volume in South Korea. The hack was traced back to a single employee’s compromised PC. Many users reported having millions of Won disappear from their personal accounts overnight.” “Bithumb said that the thieves stole a database of user information off the personal computer of an employee, rather than off the company’s internal network. The attackers allegedly nabbed the names, email addresses, and mobile phone numbers (no passwords, apparently), of more than 31,800 customers, according to a Monday report from Yonhap, a South Korean news wire.” “According to the 'Meeting People Lost With Bithumb Hacking,' which was formed on the 27th of [June], it is estimated that hundreds of hundreds to hundreds of billions of money were withdrawn from accounts of more than 100 investors. One member claims to have robbed 1.2 billion won.” “One victim claims that the attacker posed as an executive at Bithumb and phoned to say that he was "suspicious of a foreign hacking transaction,” and instructed his victim to give him an “identification number written on the letter from Bithumb.”” “Apparently, the crooks phoned Bitcoin holders pretending to be Bithumb bosses, and convinced some of their marks to hand over one-time passwords granting access to their money stores.” “The security breach is believed to have occurred in February of this year, discovered on June 28, and the authorities were alerted the very next day. Now people are being told to change their passwords as a precaution, and have been assured they will be reimbursed if any of their cyber-dosh has gone missing – plus about 90 bucks each in compensation for having their personal info carelessly spilled.”

Company policy apparently allowed an employee to “take home” customer records, and this employee had security faults on their PC. One would assume that an exchange would invest in additional precautions to protect traders, with explicit confirmations when funds are being withdrawn, especially if withdrawal wallet addresses are changed or added, and access is happening from an unexpected location. However, from screenshots online, it appears that the text messages only say “BITHUMB Verification Code” and are sent via SMS. Then, between the breach in February, and the detection in June, 4 months passed. During this entire time, one would assume that multiple customers would have reported funds missing. Apparently, it took all these people getting together and organized with each other before something was done. In the end, this situation resulted in a full reimbursement for all customers of what they’d lost, with additional reimbursement for the privacy breach.

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.