Japans Financial Regulator Responds To Coincheck US$530M Hack
https://coinjournal.net/japans-financial-regulator-responds-coincheck-us530m-hack/Japans Financial Services Agency (FSA) plans to take administrative actions against hacked cryptocurrency exchange Coincheck after the company announced the loss of 523 million units of NEM cryptocurrency (about US$530 million) from a hack.
The FSA suspects that a lack of proper security measures allowed hackers to steal a record haul of cryptocurrency on Friday, according to a report by Nikkei Asian Review.
The regulator will issue a business improvement order to Coincheck later on Monday and order the company to strengthen its safeguards to prevent a recurrence, Japans chief cabinet secretary Yoshihide Suga told a regular news conference.
The theft is said to be the biggest-ever losses of cryptocurrency to hackers. Coincheck halted withdrawals and trading in all cryptocurrencies on Friday, except bitcoin, and said in a statement that it would return the stolen money to the roughly 260,000 affected users. According to the announcement, the refund will be done using the companys own capital. No date has been set yet for the payments or for a restart of trading on the platform, Coinchecks chief operating officer Yusuke Otsuka told reporters.
Tracking the stolen funds
NEM Foundation interview Coincheck hack
NEM.io Foundation vice president Jeff McDonald interview with Inside NEM, Youtube
The NEM.io Foundations vice president Jeff McDonald said in a statement on Sunday that the organization was working on solutions to do the most we can to help Coincheck and also ensure the NEM community is protected.
We are currently reaching out to exchanges and exploring three different options, McDonald said. We also have a full account for all of Coinchecks lost NEM cryptocurrency (XEM) on the blockchain. At this time, the hacker has not moved any of the funds to any exchange, nor to any personal accounts of NEM community members.
The foundation said it was developing an automated tagging system to follow the stolen funds and tag any account that receives the tainted money.
In an interview with Inside NEM, McDonald said that when the stolen funds were moved out of Coincheck it appeared that the funds were stored in a hot wallet that had an exposed API and probably an exposed private key.
Coincheck should have used NEMs multi-signature contract and cold storage to secure the funds, he said.
McDonald added that a NEM hard fork was out of the question. A hard fork is not an option. The NEM protocol worked exactly as it was designed to work. Its a terrible thing but I think if the funds were going to be returned that it would have to be the hacker returning the coins to Coincheck, he said......
Biggest crypto hack ever Loses more than $$500 Million,coincheck subsequently restricted withdrawals of all currencies, including yen, and trading of cryptocurrencies other than bitcoin.
coincheck management said in the press conference that it held the NEM coins in a "hot" wallet, referring to a method of storage that is linked to the internet. In contrast, leading U.S. exchange Coinbase says on its website that 98% of its digital currency holdings are offline, or in "cold" storage.
In another high profile case, Tokyo-based Mt. Gox filed for bankruptcy in 2014 and said it lost 750,000 of its users' bitcoins and 100,000 of the exchange's own. The company was the largest bitcoin exchange at the time.
