One of the largest Japanese cryptocurrency exchange – Coincheck, was the victim of a massive hack resulting in a loss of 523 mln NEM coins, worth approximately $534 mln.
The coins were stolen through several unauthorized transactions from a hot wallet at 3:00 am local time on Friday, Jan. 26.
Following the hack, the Coincheck exchange has hosted a press conference to provide the details of what has happened and what’s coming next.
Private key was stolen
The hack only involved NEM, no other cryptocurrencies.
According to the representatives of Coincheck, the hackers stole the private key for the hot wallet where NEM coins were stored, enabling them to drain the funds.
All the stolen money belonged to the customers of the exchange. The ‘inappropriate’ movement of the funds was reported by Coincheck to Japan’s Financial Services Agency, as well as the police later on the same day.
Shortly after the breach, the company halted all withdrawals from the site. It wanted to stop any further damage to its funds. When asked whether they will begin allowing “at least” fiat currency withdrawals soon, Coincheck replied that that will be done after they have determined the best way to proceed.
It has come to light that the funds were being stored on a simple hot wallet. Not on a much more secure multisig wallet.
Representatives of Coincheck have claimed that the security setup differs between various coins on the exchange.
Other cryptocurrencies on the site are currently stored in multisig wallets, but the NEM was not. When pressed by the media, the company insisted that “security standards were not low,” however the lack of multisig protection for NEM may indicate the opposite.
The company made clear that they use various wallet types for housing different assets. Specifically, Bitcoin and Ether are stored in cold storage wallets, with Bitcoin additionally having a multisig address. Ether, “given its nature,” is not stored on a multisig wallet.
According to their statement, more than half of Coincheck’s 80 permanent employees work on systems development, including security.
Coincheck claimed that it knows the address where the stolen NEM is currently being stored by the hackers. It is hoping to be able to track the culprits.
The company cannot currently disclose how many users were affected. They have, however, expressed a desire to refund all the money that was lost.
When asked whether they are going to resume operations or will have to declare bankruptcy, Coincheck said that ‘in principle’ they plan to keep operating.
The exchange has expressed a desire to refund all lost funds. They nevertheless are still considering how to approach the situation. Per the press conference, the “worst-case scenario” would be that the funds can never be returned.
When asked whether they have any words for the customers, Coincheck representatives have said that they “deeply regret” what happened.