Cryptocurrency exchange under scrutiny after massive theft
A Tokyo-based cryptocurrency exchange is coming under the scrutiny of Japanese regulators after hackers pulled off what may be the largest cryptocurrency theft to date.
The hackers made off with hundreds of millions in virtual currency from the exchange, Coincheck, on Friday.
Japan’s financial regulator, the Financial Services Agency (FSA), on Monday ordered the exchange to “improve business operations” following the “illicit transfer,” Coincheck announced in a blog post.
The FSA ordered Coincheck to investigate the incident, submit a written report, provide proper support to customers, and to strengthen and develop new methods to prevent future thefts. The agency gave the exchange a Feb. 13 deadline to comply.
“In moving towards reopening our services, we are putting all of our efforts towards discovering the cause of the illicit transfer and overhauling and strengthening our security measures while simultaneously continuing in our efforts to register with the Financial Services Agency as a Virtual Currency Exchange Service Provider,” Coincheck said.
Reports vary on the how much NEM, a type of cryptocurrency, the hackers snatched from the exchange, with estimates ranging from $400 million to $530 million.
Coincheck, which describes itself as “the leading bitcoin and cryptocurrency exchange in Asia,” pledged to provide a partial refund to the roughly 260,000 users affected by the theft, but did not offer a timeline.
The theft could be the biggest cryptocurrency heist on record, possibly bypassing the estimated $400 million bitcoin lost in the 2014 Mt. Gox heist.
The site, which suspended its trading in cryptocurrencies except for bitcoin, has apologized that the theft caused “immense distress to our customers, other exchanges, and people throughout the cryptocurrency industry.” The exchange offered their “deepest and humblest apologies to all of those involved.”
The exchange stored the NEM coins in a “hot wallet” rather than the more secure “cold wallet” that operates outside the internet, Reuters reported, citing Coincheck.
In April 2017, Japan began requiring cryptocurrency exchange sites to register with the government. Those operating before the registration requirement went into effect were able to continue offering their services during the approval process. Coincheck’s application is still reportedly pending.
The attack comes as cyber thieves are increasingly targeting virtual currencies which have spiked in value. Those changes have raised new questions over how the government should regulate the growing industry.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..