Coincheck Crypto Exchange Clients’ Data Compromised After Hacker Breached Its Domain
Japan-based cryptocurrency exchange, Coincheck, announced yet another hack – this time about 200 customers data was compromised after a domain account error. According to an official statement from the corporate desk of Coincheck, a third party was able to gain unauthorized access to one of the exchange’s domains from May 31st to June 1st.
Coincheck’s data breach on 200 customers
The statement from the exchange suggests that the third party attackers obtained the Onamae.jp domain (which “was in a state where it could be acquired”) hence compromising users’ data, The statement says over 200 customer’s data including users’ email addresses and vital information such as names, addresses, date of birth, ID, phone numbers, and selfies were collected by the attacker.
However, as at the time of reporting no user’s funds have been stolen or accessed. It reads,
“The domain registration information has been amended at around 20:52 on June 1, 2020, and there is no impact on the customer's assets at this time.”
The exchange will further investigate the attackers' motives and follow up with customers with accounts that have been hacked. The exchange has suspended crypto remittances operations on the exchange but users can still deposit, withdraw and trade normally.
The exchange will receive complaints and inquiries from users on the service center on coincheck.jp (NOT coincheck.com)
One too many?
In 2018, the Japanese crypto exchange experienced one of the largest hacks in the past decade, losing close to half a billion dollars in users’ assets. While the exchange has since been acquired by Monex in a $33.5 million acquisition, such cases may be one too many for the exchange.
Coincheck’s data breach follows the recent BlockFi data breach in April by a SIM-swapper exposing clients’ account activity, postal, and email addresses.