Another week, another cryptocurrency exchange security breach. This time, the victim is Japanese service Bitpoint, owned by Remixpoint Inc.
According to an official statement, opening of new accounts, trading, deposits and withdrawals will be suspended in order to minimise the damages. However, despite the relatively quick reaction of the exchange operators, the damages are already massive – 3.5 billion yen were stolen, of which 2.5 billion belonged to customers.
The statement also details the timeline of the events, revealing that the hack was detected after a suspicious XRP transaction was found. Around 27 minutes later it was already known that the transactions were unauthorised. Approximately 200 minutes later the hackers started stealing other cryptocurrencies as well, and another hour after that an emergency meeting was held.
It led to the suspension of deposits and withdrawals three and a half hours later, and the eventual halting of all exchange services by the end of the day.
After the announcement, the stock of the parent company (Remixpoint TYO: 3825) dropped from 409 JPY to the allowed lower limit for the day of 356 JPY. There has been little indication about the ability of the exchange to recover and continue operations, apart from a statement that it the company will do everything in its power to recover the funds.
In addition, no details were given about the specific quantities of the different cryptocurrencies that were stolen. We do however know that the hot wallet that was hacked was holding XRP, Bitcoin, Bitcoin Cash, Ethereum and Litecoin.
Bitpoint was one of the exchanges that failed to pass security tests by the Japanese Financial Services Agency, which prompted them to improve internal controls. It is unclear whether this event had anything to do with the potential exploits found by regulators, but it does raise alarms about other exchanges that were found insecure by the authorities.
In a similar fashion, the Ministry of Science and Technology and the Korea Internet Development Agency recently inspected 21 local exchanges, examining 85 different security aspects. Only seven out of 21 passed the tests – Upbit, Bithumb, Gopax, Korbit, Coinone, Hanbitco, and Huobi Korea.