Earlier today, January 26, popular Japanese cryptocurrency exchange Coincheck was hacked, and saw over 500 million NEM tokens, then worth around $533 million, being taken by unknown hackers. The security breach, now being called the “biggest theft in cryptocurrency history” also saw $123 million XRP leave company wallets, a move believed to come from Ripple protecting its assets.
According to news source Asahi, the Tokyo-based cryptocurrency exchange admitted that instead of storing its funds in a secure cold wallet, the exchange kept the now stolen NEM tokens in a simple hot wallet. As reported by Core Media, crypto exchange Youbit only lost 17 percent of its funds when hacked, as the rest was in its cold wallet.
Various tweets seem to indicate that the exact amount of stolen funds is still unknown, as Coincheck only confirmed XEM was missing from its wallets. In response to the attack Coincheck halted its operations, but then revealed it was going to resume them and reimburse users for their losses.
Currently, credit card, Pay Easy, and convenience store payments are suspended. We sincerely apologize for these inconveniences and will continue to do our best to be back to normal operations as soon as possible.
— Coincheck (@coincheck_en) January 26, 2018
Coincheck has already reported the theft to Japan’s Financial Services Agency (FSA) and to local authorities. Notably, the exchange wasn’t registered with Japan’s FSA, a regulator that oversees cryptocurrency exchanges in the country. Other Japanese exchanges, including bitFlyer and Quoine, are regulated by the agency.
In a press conference, the company asserted it uses various wallet types for different cryptocurrencies, implying only NEM was unsafely stored in a simple hot wallet. Below, is a reporter’s summary of that press conference:
Main takeaways from Coincheck press conf:
– only NEM impacted
– plans to continue operating, restart trading
– not clear on plan to repay customers
– no multisig?
– wouldn’t admit security was weak
– not sure how hacked, if domestic or foreign hackers
– CEO barely spoke
— Yuji Nakamura (@ynakamura56) January 26, 2018
NEM won’t hard fork in light of Coincheck breach
Reacting to the occurrence, NEM Foundation president Lon Wong stated this was the “biggest theft in the history of the world.” Wong then added that the hack had nothing to do with NEM itself, blaming it on Coincheck.
He further asserted that NEM won’t hard fork to freeze the stolen funds, which means the hackers may be able to cash out their tokens. He stated:
“As far as NEM is concerned, tech is intact. We are not forking. Also, we would advise all exchanges to make use of our multi-signature smart contract which is among the best in the landscape. Coincheck didn’t use them and that’s why they could have been hacked. They were very relaxed with their security measures,”
Once the NEM theft became public, the cryptocurrency’s price started tanking. In a short amount of time, it went from a $1.03 24-hour high to about $0.83. It since started slowly recovering, to about $0.85 at press time.
Featured image from Coincheck press conference, by mineCC.