Exchange Leak Puts $620K-Worth of Customer Crypto at Risk

A new exchange from South Korea leaked critical information about 19 of its users, a mistake that could have cost them $620,000 in cryptocurrency.

AccessTimeIconJun 26, 2018 at 6:00 a.m. UTC
Updated Sep 13, 2021 at 8:06 a.m. UTC

A South Korea-based exchange has inadvertently leaked sensitive information about 19 of its users, potentially putting some $620,000 worth of cryptocurrency at risk.

According to a report from CoinDesk Korea , an employee of Bitkoex, an exchange launched in May, posted information on how much of the Karma (KRM) cryptocurrency was held by 19 users on the platform in a social media chat last Friday

The report said the leaked message contained the email addresses associated with the users as well as the wallet addresses and private keys to the KRM token in their accounts, which could allow anyone with the information to access the assets.

The total amount of the token owned by the users worth 750 million won, or around $620,000, the report said.

Following the event, Bitkoex said the employee posted the message by accident and the exchange has moved the exposed assets to a cold wallet, which is not accessible through the internet. As such, the company asserted no assets have been lost.

Yet, this is not the first time that user information had been leaked from a Korean crypto exchange.

As previously reported by CoinDesk, the computer of an employee from Bithumb, one of the largest crypto exchanges in South Korea by trading volume, was hacked earlier last year. Information of as many as 30,000 users on the platform was subsequently leaked.

In fact, yesterday's report said the country's Ministry of Science and ICT inspected the information security level of 21 crypto exchanges in South Korea from January to March and confirmed that most companies have security vulnerabilities.

Just last week, Bithumb said that around $31 million in cryptocurrency was stolen by hackers from the platform.

Key image via Shutterstock

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.


Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.