Overview
In 2017, Bithumb—South Korea's biggest cryptocurrency exchange—suffered a major security breach, compromising data of 30,000 users. Hackers exploited stolen information to siphon funds from accounts via sophisticated "voice phishing" scams.
Key Incident Details
- Breach Method: Phishing attacks impersonating Bithumb staff tricked users into divulging credentials.
- Scope: Affected 3% of total clients; originated from an employee’s compromised home PC (February 2017).
- Discovery: Detected June 29, reported to authorities June 30.
Bithumb’s Response
- Compensation: Initial offer of ৳100,000 (~$86) per user, with additional reimbursements pending verification.
- Security Measures: Enhanced protocols post-breach, though specifics unverified.
Context
- Exchange Volume: Handled 10% of global Bitcoin trades (~13,000 BTC daily) and ৳2 trillion (~$1.8B) annually at the time.
- Regulatory Climate: Incident occurred during Korea’s push for crypto regulatory frameworks.
FAQs
1. How did the Bithumb hack occur?
Hackers accessed data via an employee’s infected personal computer, then used voice phishing to steal account funds.
2. What was the financial impact on users?
Bithumb pledged minimum reimbursements of ৳100,000 per user, with more after case reviews.
3. Did Bithumb improve security afterward?
While they claimed upgrades, independent audits weren’t publicized. 👉 Learn about secure exchanges
4. Why target cryptocurrency exchanges?
High liquidity and often weaker security make them prime targets for cybercriminals.
Lessons Learned
- User Vigilance: Always verify communications from exchanges.
- Exchange Accountability: Transparent post-breach actions build trust. 👉 Explore crypto security