Japan-based cryptocurrency exchange Bitpoint announced it lost 3.5 billion yen (roughly $32 million) worth of cryptocurrency assets after a hack that happened late yesterday, July 11.
The exchange suspended all deposits and withdrawals this morning to investigate the hack, it said in a press release.
In a more detailed document released by RemixPoint, the legal entity behind Bitpoint, the company said that hackers stole funds from both of its "hot" and "cold" wallets. This suggests the exchange's network was thoroughly compromised.
Hot wallets are used to store funds for current transactions, while the cold wallets are offline devices storing emergency and long-term funds.
Bitpoint reported the attackers stole funds in five cryptocurrencies, including Bitcoin, Bitcoin Cash, Litecoin, Ripple, and Ethereal.
The exchange said it detected the hack because of errors related to the remittance of Ripple funds to customers. Twenty-seven minutes after detecting the errors, Bitpoint admins realized they had been hacked, and three hours later, they discovered thefts from other cryptocurrency assets.
Another three and a half hours later, after a meeting with management, the exchange shut down, and law enforcement notified.
Two-third of stolen funds belonged to customers
The exchange also said that 2.5 billion yen ($23 million) of the total 3.5 billion yen ($32 million) that were stolen were customer funds, while the rest were funds owned by the exchange itself, as reserve funds and profits from past activity.
The exchange did not say if it can or plans to refund customers.
Bitpoint is the third major Japan-based cryptocurrency exchange to suffer a major hack in the past years.
Both exchanges were forced by Japan's financial regulators to pay back customers after their hacks.
More data breach coverage:
- Marriott faces $123 million GDPR fine in the UK for last year's data breach
- Smart home maker leaks customer data, device passwords
- Canonical GitHub account hacked, Ubuntu source code safe
- 'Silence' hackers hit banks in Bangladesh, India, Sri Lanka, and Kyrgyzstan
- Hackers breached Greece's top-level domain registrar
- Pale Moon says hackers added malware to older browser versions
- A hacker assault left mobile carriers open to network shutdown CNET
- 90% of data breaches in US occur in New York and California TechRepublic