SK Regulator Fines Exchange Operator Bithumb 60 Million Won for Leaking Customer Data
The Korea Communications Commission has fined the operator of Bithumb, South Korea’s largest bitcoin exchange, for leaking users’ private data. This marks the first time the country’s government has taken punitive steps against a cryptocurrency exchange.
Also read: South Korea Clarifies Position After Reports of Possible Ban on All Crypto Transactions
First Punitive Action Against Crypto Exchange
South Korea’s Communications Commission (KCC) held a meeting on Tuesday to inform BTC Korea.com of penalties imposed on the company “for allegedly leaking the private data of its users,” Yonhap reported. Citing this case as “the first time that South Korea has taken punitive steps against an operator of a cryptocurrency exchange,” the publication elaborated:
The Korea Communications Commission decided to impose fines totaling 60 million won ($54,970) on BTC Korea.com, the operator of Bithumb, the largest bitcoin and ethereum digital currency exchange in South Korea, for its alleged negligence in the protection of its users’ information.
The agency has also recommended punishment of responsible persons at the exchange, the news outlet detailed. In addition, the KCC mandates the company to establish measures to ensure no further violations occur in the future.
The Korean won is currently the third-most-traded currency for bitcoin, and Bithumb has approximately 80% of the domestic market share. Its cryptocurrency trading volume surpassed that of the country’s leading stock market, Kosdaq, back in August.
The KCC explained that, in accordance with the current Information and Communications Network Act, the fines are based on BTC Korea.com’s average sales between 2014 and 2016, which is 2.72 billion won. However, critics say that this calculation is not appropriate. The punishment is “too light, given a sharp rise in cryptocurrency transactions,” an expert told the publication.
The agency indicated that it plans to revise this Act and increase the fines for companies leaking customers’ private information in the future.
Bithumb’s Data Breaches
According to the KCC, hackers stole the private information of Bithumb’s users twice. The investigation by Korea Internet & Security Agency (KISA) revealed that Bithumb leaked the data of 31,506 customers in April and 3,434 customers in July.
“We took into consideration the fact that the vulnerability occurred due to failure to comply with the safeguards clause and was directly or indirectly exploited by the hacker. Personal information was leaked and monetary damage occurred,” the KCC explained. An official of the agency was quoted saying:
The punitive action was taken as the operator did not comply with protective steps, making it vulnerable to hacks and causing leaks of personal data and financial damage.
“In the course of this investigation, BTC Korea.com was not able to detect illegal attempts to hack personal information, including stored personal information on a personal computer without encrypting the personal information file, and did not update their antivirus software,” the publication further conveyed.
Currently, cryptocurrency exchanges in South Korea are largely unregulated. Cryptocurrencies are not recognized as financial products and there are no rules to protect people investing in them.
Given the rapid increase in crypto trading volumes, the government is actively discussing their regulation. News.Bitcoin.com reported on the Ministry of Justice being put in charge of a task force to spearhead regulation last week. Many measures have been considered including an outright ban on all crypto transactions. However, the government has decided to make an exception to allow crypto exchanges that meet certain conditions to operate legally.
What do you think of Bithumb’s security routines? What do you think of the fines imposed on them? Let us know in the comments section below.
Images courtesy of Shutterstock, KCC, KISA, and Bithumb.
Need to calculate your bitcoin holdings? Check our tools section.