Hackers have stolen significant amounts of Bitcoin and Ethereum after hijacking a computer belonging to an employee of Bithumb, one of the world’s largest cryptocurrency exchanges.
Following complaints of cryptocurrency being stolen from their wallets, South Korea-based Bithumb informed customers last week that malicious actors had gained access to the PC of an employee and managed to steal user data, including email addresses and phone numbers.
According to South Korean news reports, roughly 31,000 users – representing 3 percent of the company’s total number of customers – had their information compromised. The incident is said to have occurred in late June.
While the stolen data did not allow the attackers to directly access virtual currency wallets, they used the compromised information to impersonate Bithumb administrators and trick people into handing over their credentials. Some victims reported being called by individuals purporting to be Bithumb executives, claiming there had been suspicious activity on their account.
Some users reported losing thousands and even hundreds of thousands of dollars worth of Bitcoin and Ethereum. The total losses could be very high considering that, last year, Bithumb was used to trade billions of dollars worth of cryptocurrencies.
Bithumb representatives have promised to compensate affected users with up to 100,000 South Korean Won (roughly $90), and fully reimburse them once exact damages are determined.
The company claimed its internal network and servers are safe, but advised customers to change their email address and password.
Bithumb notified the Korea Internet & Security Agency (KISA) of the incident. Over 100 of the organization’s customers are said to have filed a complaint with the National Police Agency’s cybercrime division.
Bithumb is not the only South Korean Bitcoin exchange targeted recently by hackers. A few weeks ago, Yapizon reportedly lost more than 3,800 bitcoin, at the time worth roughly $5.5 million, after hackers breached its systems.
Related Reading: Web Hosting Provider Pays $1 Million to Ransomware Attackers
Related Reading: Bitcoin Lending Platform Loanbase Breached
Related Reading: Dumps from Two More Bitcoin Breaches Disclosed by LeakedSource