Japanese Cryptocurrency Exchange Loses $530 Million to Hacking
A major Japanese cryptocurrency exchange reported the loss of about 58 billion yen (534 million USD) to a hacking attack carried out in the early morning hours of Friday, Jan. 26, 2018.
Coincheck, Inc. CEO Koichiro Wada made the announcement at a Tokyo press conference held on late Friday, Jan. 26, detailing that Coincheck had discovered a significant negative difference in balance of its NEM virtual currency assets at about 11:25 AM the same day — nearly eight and a half hours after the hacking incident — which led to Coincheck issuing a temporary halt in all NEM trading at 12:07 PM, leading to an exchange-wide virtual currency trading, deposit, and withdrawal freeze by 5:23 PM. Coincheck reported the incident to Japanese police and Japan’s Financial Services Agency within the day.
News of the massive theft drove cryptocurrencies down in following day of trading, with NEM — the tenth-largest cryptocurrency by market value — dropping nearly 11% of its value to trade at 0.87 USD by 2:30 PM Tokyo time Saturday. Bitcoin slipped a little over three percent in the same time, trading at 10,987.7 USD by Saturday afternoon.
Speculation over the future of Coincheck carried over into the weekend among media reports that Coincheck was going to compensate the 260,000 customers affected by the hacking incident with over 410 million US dollars — a number that was later raised to 426 million US dollars by a Coincheck spokesman in a statement issued on Sunday, Jan. 28. While the spokesman asserted that Coincheck would reimburse affected customers with its own funds, the spokesman declined to give a firm timetable for paying out reimbursements. Coincheck executive Yusuke Otsuka, in a separate press conference on Sunday, noted that the stolen NEM coins had not been converted to cash, thus opening the possibility of tracing and potentially reclaiming the lost cryptocurrency.
Japan is East Asia’s premier cryptocurrency trading market, with daily market trading volume dwarfing the US and South Korean markets. China, formerly the largest market by activity for cryptocurrency trading, banned all cryptocurrency exchanges in Sept. 2017 and began to escalate its crackdown on “alternative venues” for cryptocurrency trading on Jan. 15, 2018.
While South Korea’s justice minister announced that legislation was in the works to ban virtual currency trading on Jan. 11 — causing turmoil in the cryptocurrency market and much consternation on Korean social media — Finance Minister Kim Dong-yeon stated on Jan. 30 that the South Korean government had no intention of banning or suppressing the burgeoning South Korean cryptocurrency market and would instead be focused on market regulation, a stance that echoes previous pushes by Seoul for broader regulatory oversight over a volatile and immensely speculative market.
Tokyo’s prior experience with the Mt. Gox cryptocurrency exchange — which collapsed in February 2014 after 460 million USD was stolen by hackers and another 27.4 million USD disappeared from its bank accounts — combined with widespread trading by Japanese investors, drove the Japanese government to formally recognize “virtual currencies” as legal forms of payment in April 2017, thus paving the way for the formal registration of 11 cryptocurrency exchanges with the Financial Services Agency (FSA) by Sept. 2017.
At the time of the Coincheck hacking incident, the company's Sept. 2017 exchange status filing with the FSA was still under review; however, Japanese law permitted Coincheck to continue operations owing to the fact that Coincheck had existed before the revised law was promulgated by the Japanese government in April 2017.
On the Monday following Coincheck’s massive asset loss, Japan’s FSA ordered Coincheck to improve its operations to prevent future attacks and submit a report on the hack, along with remedial measures, by Feb. 13, 2018. Furthermore, the FSA announced that all cryptocurrency exchanges under its jurisdiction would undergo checks by their respective operators and report to the FSA in successive hearings.
Sources close to the investigation tracing the stolen NEM coins revealed to Japanese media on Jan. 30 that the 534 million USD had been transferred to at least nine separate digital addresses after the initial attack to make the coins more difficult to trace.
The NEM Foundation, creators of the stolen cryptocurrency, reported the same day that hackers were attempting to move the stolen coins to six other exchanges in an effort to sell them without triggering anti-money laundering mechanisms. By Jan. 31, at least twenty separate addresses had been involved in moving the stolen currency; the NEM Foundation requested cryptocurrency exchanges to not cash or conduct transactions with the stolen coins.
In an escalation of the Japanese government’s response to Coincheck’s situation, on Friday, Feb. 2, the FSA raided Coincheck’s offices in order to “ensure security for users.” Agency officials noted that this was the first cryptocurrency exchange to be subject to an on-site investigation by the FSA, with ten agents entering Coincheck’s headquarters to “gain a better understanding of how the exchange is operating in light of the [FSA’s] business improvement order” issued on Jan. 29. Other media sources indicated that the FSA conducted the raid in order to ascertain Coincheck’s exact financial situation and its capability of repaying the lost currency, although the FSA declined to comment on the issue of reimbursements.
While major cryptocurrencies have rebounded in value from the drop caused by Coincheck’s debacle, questions still remain over the identities of the hackers, the financial health of Coincheck, and the future of cryptocurrency regulation in Japan and beyond. Japanese authorities have indicated that some stolen NEM coins were sent to exchanges in New Zealand and the United States on Thursday, Feb. 1, a revelation that may signal future involvement from Washington or Auckland in investigating the massive cyberheist.