South Korean Bitcoin exchange Bithumb has revealed that hackers have stolen upto 30000 customers details and an this has led to the theft of undisclosed amount of Bitcoins from its customers.
The initial theft appears to have occurred when hackers gained unauthorised access to a home PC’s used by an employee of Bithumb. They then used data this to steal personal details of Bithumbs customers and launched a phising campaign to trick the Bithumb customers into letting them steal their Bitcoins.
The Bithumb exchange allows people to transfer real world currencies into Bitcoins and Etherium virtual currencies.
Bithumb promised to compensate any of its customers up to a value of 10000 won ($85) but with unverified reports that some customers have lost over 1 billion won this will leave some customers at a large loss. Unfortunately for Bithumb customers the cyptocurrency exchanges are unregulated so there is no formal procedure for claiming back any losses.
Although the report doesn’t give details on how the PC was compromised questions must be raised on why Bithumb let it employees use a home PC have access to customers data. Either the PC was remotely connect to the Bithumb network or the employee had download the customer data to take it home. But with a business dealing with customers and financial records there need to be better protection of the data. Reports like this and those of virtual currencies being used for ransomware undermine the usefulness of these cyptocurrencies.