Cryptocurrency exchange Coincheck admitted that it has become a victim of a security incident in which unknown hackers accessed emails sent to the firm by its customers.
In an official statement, the Tokyo-based firm stated that attackers gained access to DNS records for the coincheck.com domain at the firm’s third-party domain registrar, and altered the records to forward incoming emails to them. It is believed that some emails received between May 31 and June 1, 2020 could be illegally accessed by unauthorized members.
Coincheck stated that compromised mails could have exposed email addresses listed in the recipient and the information listed in the customer’s email, which could later be exploited by cybercriminals. It also said that certain personal information like names, registered address, birth date, phone number, and ID Selfie were exposed in the incident.
While the hackers behind the security incident are unknown, Coincheck clarified that customers’ digital assets are not affected. The company also suspended the remittance of crypto assets temporarily. “Although there is no impact on your assets at this time, we will stop the remittance of crypto assets in our service again, considering the progress of the investigation by the domain registration service operator. Services such as depositing/withdrawing Japanese Yen and receiving/purchasing/selling crypto assets can be used as usual,” Coincheck said.
Coincheck Massive Data Breach
Earlier, in a major cryptocurrency heist, Coincheck lost 58 billion yen ($530 million) after hackers compromised its exchange platform. According to Reuters, the digital coins were stored in a hot wallet instead of the more secure cold wallet, which is not connected to the internet. Coincheck assured that it would return about 90% with internal funds. Japan’s finance regulator Financial Services Agency instructed the company to improve its operations and to submit an incident report.
Surge in Cryptocurrency Crimes
According to a report from U.S. based blockchain security firm CipherTrace, the cryptocurrency industry experienced a huge surge in thefts and frauds in 2019. In its “2019 Cryptocurrency Anti-Money Laundering (AML)” report, CipherTrace revealed that cryptocurrency crimes across the world hit over $4.3 billion in 2019. The report stated that hackers are using sophisticated methods to beat even advanced cybersecurity measures. It also highlighted that cybercriminals robbed around $125 million in Ethereum, Bitcoin, and other digital currencies from different cryptocurrency exchanges in Q2 2019.