South Korea’s biggest cryptocurrency exchange Bithumb is scrambling to protect users funds after a large scale hack.

Initial reports from the Yonhap new agency indicate that over $30 million worth of cryptocurrencies were stolen during a cyber attack on June 19.

Cointelegraph Japan was informed that the hot wallet was hacked during the night and cryptocurrency stolen included Ripple. Once the exchange was made aware of the attack, it froze deposit and withdrawal services. Bithumb has already assured customers affected by the hack will be compensated for their losses.

“We checked that some of cryptocurrencies valued about $30 million was stolen. Those stolen cryptocurrencies will be covered from Bithumb and all of assets are being transferring to cold wallets.”

Furthermore, the exchange began moving all cryptocurrencies into a cold wallet on June 16, in conjunction with a security system check and database upgrade as per its Twitter account:

[Notice for the restart of service]

We are transferring all of asset to the cold wallet to build up the security system and upgrade DB. Starting from 15:00 pm(KST), we will restart our services and notice again as soon as possible. Appreciate for your support. — Bithumb (@BithumbOfficial) June 16, 2018

It is understood that the exchange also moved a large amount of Ether to its cold storage wallet as well.

South Korean authorities on the case

The country’s Ministry of Science and Technology has already launched an investigation into the incident, according to the Yonhap news agency.

The hack has also prompted the Korea Internet & Security Agency (KISA) to get involved in order to figure out how the hack took place, working closely with local police and other agencies. Authorities reportedly sent officers to Bithumb’s headquarters in Seoul to collect data and records from company computers.

Not the first time

This is not the first time that Bithumb has been compromised by a hacker. In July 2017, an employee’s computer was compromised, leading to 30,000 customers’ personal details being stolen.

It’s understood that the data was stolen from the personal computer of the employee, and not the company’s servers. The data did not contain passwords, but it was enough to enable fraudsters to use the information to dupe users.

This led to numerous Bithumb customers falling prey to scam calls and messages asking for account authentication codes. Those that fell for the scam saw funds stolen from their Bithumb accounts.

Details still unclear

At this stage, it is not yet clear which specific cryptocurrencies were stolen from the exchange. Ripple tokens have been identified as one of the virtual currencies stolen, but we still don’t know how many of the 37 cryptocurrencies traded on the exchange were taken as well.

EOS and Tron are the top two cryptocurrencies traded on the exchange, amount to 34 percent and 21 percent of trade volume respectively.

Image source: Coinmarketcap

Wake up call for Bithumb

Social media reacted in kind to the confirmation of the hack.

One Twitter user raised concerns after Bithumb deleted its initial tweet which had promised compensation to users affected by the cyber-attack.

Bithumb deletes tweet about $30M hack for users which will be "covered" by @BithumbOfficial. This is bad. pic.twitter.com/UPaV5Qovrs — :: lawson baker :: (@lwsnbaker) June 20, 2018

Bitrefill CEO Sergej Kotliar noted that Bithumb’s moving of crypto assets to its cold wallet had caused a spike in fees on the Bitcoin mainnet:

Currently big backlogs and high fees on the bitcoin network. Just confirmed that it is Bithumb, cleaning out their hotwallet. pic.twitter.com/21ENfmZj56 — Sergej Kotliar (@ziggamon) June 20, 2018

This also seems to be confirmed by transaction fee data from blockchain.info:

Image source: Blockchain.info

Clarity needed

As with all cyber attacks, details are always sketchy in the first few hours and days after the event. Bithumb is expected to give clarity on the theft and advise when normal trading, and deposits and withdrawals will resume on the exchange.

The latest situation once again casts a spotlight on South Korea. This latest hack comes just a couple of weeks after fellow South Korean exchange Coinrail was hit by a cyber attack. In that instance, the exchange lost $37 million worth of cryptocurrency to the hack.

Bithumb was only recently cleared of any wrongdoing after a three month long investigation into its practices by South Korean authorities.

The National Tax Service (NTS), Financial Services Commission (FSC) and Korea Financial Intelligence Unit (KFIU) had been investigating the exchange for any illegal activities, from fraudulent business practices to tax evasion.

Having declared a 71-fold increase in profits in a 12 month period, Bithumb was ordered to pay a tax bill of $28 million after the probe.

In the grand scheme of things, this latest Bithumb hack pales in comparison to some of the biggest cryptocurrency hacks in history. What is more, the exchange seems to have moved quickly to protect users funds, and has already promised to refund those who were affected by the theft.

Bithumb’s integrity will be tested in the weeks to come, and the spotlight is firmly on the South Korean exchange.