Hackers have reportedly made away with cryptocurrencies worth $30 million from Bithumb, South Korea's leading exchange, according to reports from a blog update. The exchange states that due to the hack, deposits and withdrawals will be temporarily suspended until further notice.
Bithumb’s blog post reads "Due to security issues; we are changing our system regarding deposits of cryptocurrency. All of our customers should stop depositing cryptocurrency until we notified that it is safe to deposit cryptocurrency."
The Hack
In its announcement, Bithumb didn’t disclose the exact details of the coins that were affected in the hack and in what quantities. We also don’t know the exact cause of the breach, but a local news outlet is reporting that investigators from South Korea's National Police Agency have begun a formal investigation into the case.
In an update shared on Twitter, Bithumb had stated that it would compensate affected users. Though the original tweet from Bithumb has since been deleted, the information was also sent to users via email in a move to clear doubts and uncertainty.
Twitter user RedDragon___ posted an email screenshot which reads, “We noticed that between last night and today early morning, about 35,000,000,000 KRW worth cryptocurrencies have been stolen. However, this loss will be compensated by Bithumb’s own reservoir, and all assets of our customers are securely saved in Bithumb's cold wallet, hence all asset is completely safe and secured."
Bithumb also reported that assets are being transferred to a cold wallet while they “build up the security system and upgrade DB. Starting from 15:00 pm(KST), we will restart our services.”
Mitigating the Damage
Bithumb had managed to preempt what it interpreted as an imminent attack on its server by moving a large number of cryptocurrencies to its cold wallet after noticing the "number of unusual access attempts" had increased, which led it to "strengthening security."
It announced a server check that was expected to "build up the security system," but the maintenance time scheduled from 5:20 a.m. KST to 9:00 a.m. KST took more time than it should have.
The recent hack is Bithumb's second attack this year and the third attack on a South Korean cryptocurrency exchange. As reported by Bitcoin Magazine earlier this month, South Korean Conrail lost around $40 million to hackers where lesser known tokens such as PundiX were stolen.
“The fact that most exchanges allow their users to create incredibly weak passwords should serve as a wake-up call to the entire industry,” says Emmanuel Schalit, CEO at Dashlane, a password manager app.
Creator of Litecoin, Charlie Lee, warned users once again to "only keep on exchange coins that you are actively trading."
At press time, Bithumb is currently trading over $364 million in 24-hour trading volume, according to data from Coinmarketcap.