South Korean cryptocurrency exchange Bithumb found itself the victim of a hack last week, with hackers making off with around $30 million in funds. Bithumb at the time was the world’s 6th-largest cryptocurrency exchange but has since fallen to the 11th-largest. Once the theft was discovered, the exchange temporarily halted all deposits and payments as it moved funds from a hot wallet to a cold wallet. The hack was the exchange’s third in the past 12 months, which obviously shook confidence in the exchange’s security.
South Korean investigators began to take a closer look at Bithumb’s security procedures as a result of the hack, a continuation of an investigation that had begun earlier in the year. South Korea’s Ministry of Science and Technology (MIC) spearheaded the investigation, as it has similarly looked at the security procedures at 21 different cryptocurrency exchanges in South Korea.
Perhaps most surprising, MIC investigators found 12 of those exchanges had a complete lack of security procedures. At the others, investigators found various weaknesses, including inadequate network isolation, lack of monitoring for suspicious activity, and insufficient password security management.
While Bithumb was able to detect suspicious activity and transfer a large amount of assets into a cold wallet after noticing unusual activity on its servers, it obviously wasn’t enough to stymie the attackers. Hopefully South Korean investigators will be able to get to the bottom of things and figure out how the hack could have been avoided.
Thankfully American exchanges such as Coinbase have yet to be hacked, but that may only be a matter of time. While they place a great deal of emphasis on security, the fact remains that anything that is online can be hacked. That’s why it’s so important for Bitcoin investors to store their assets in cold wallets. Only through a cold wallet can investors ensure that they are protected against hacking. In an era in which hackers are more motivated than ever to steal anything that isn’t securely protected, it’s only a matter of when, not if, assets in hot wallets fall victim to online thieves.