Japanese cryptocurrency exchange Bitpoint has joined the long list of platforms that have lost millions to hackers. The exchange published a notice on its website, confirming “unauthorized outflow of virtual currency,” leading it to shut down operations pending the outcome of an internal investigation. It all started when Bitpoint customers noticed the exchange had stopped processing transactions in the early hours of Friday, July 12, 2019.
By 10:30 AM local Japanese time, multiple reports revealed that the exchange had halted its services entirely, including deposits, trading, and withdrawals. Soon after, Remixpoint, the parent company and operator of the exchange, published a press release, confirming the fear of many.
Unauthorized XRP Transfer
According to the press release, Bitpoint noticed a fundamental error concerning XRP transfers from its hot wallets late on Thursday night. By 2 AM local time on Friday, it was noticed that other cryptos had been illegally transferred as well.
The statement from Bitpoint’s parent company revealed that it had lost a total of 3.5 billion Yen (about $32 million at press time). The press release also clarified that the unsanctioned XRP transfers were the totality of customer assets stolen, and they made up for about 2.5 billion Yen ($23 million) of the total assets lost.
The exchange assured all affected customers that it would compensate affected users, and that service would soon be restored to normalcy. At this point, however, it remains unclear when the exchange would continue its operations.
A separate Bloomberg report on the matter revealed that at press time, shares of Remixpoint, which are listed on the second section of the Tokyo Stock Exchange, had dropped as much as 19 percent to their daily lower limit. The Bitpoint hack is just the latest in a series of hacks on Japanese crypto exchanges. Last year, Coincheck was the victim of a record-setting hack which saw it lose about $534 million in NEM tokens.
The company’s representatives had claimed that the hackers were able to get the private keys to the hot wallets where the tokens were stored. The exchange confirmed that it had reported the loss to authorities, and it halted all withdrawals from its platform as well.
Japan’s Regulatory Environment
The details of the exchange also bring into focus one of the recent regulatory amendments in the country. Earlier this year, the Japanese House of Representatives amended both the Payment Services Act and the Financial Instruments and Exchange Act, intending to effect the new standards in 2020.
While the amendments are much broader, one of the most interesting points was the requirement for cryptocurrency exchanges to change how they keep crypto. Going forward, exchanges must keep customers’ assets separate from their own.
The amendment also required that “reliable methods,” such as cold wallets, must be used when managing users’ money. If an exchange is to use a hot wallet, then the wallet must contain the same amount of exchange funds and customer funds. The regulators believe this model makes it easier for users to get reimbursed in the case of an hack.
Implementation is set for April 2020, and it’s expected to strengthen the security of customer funds and mitigate risks in the case of hacks. Hopefully, situations like Coincheck and Bitpoint could end up being a thing of the past.