June 26, 2018By Thomas Ramsay
“Following the event, Bitkoex said the employee posted the message by accident and the exchange has moved the exposed assets to a cold wallet, which is not accessible through the internet. As such, the company asserted no assets have been lost.”Moreover:
“This is not the first time that user information had been leaked from a Korean crypto exchange. The computer of an employee from Bithumb, one of the largest crypto exchanges in South Korea by trading volume, was hacked earlier last year. Information of as many as 30,000 users on the platform was subsequently leaked.”You can see the full report for yourself, here- https://www.coindesk.com/korean-exchange-puts-620k-worth-of-crypto-at-risk-in-leaked-chat/ What is the problem here? Obviously, this instance is not a case of poor security or poor operations within Bitkoex, however, it does seem as if the exchange has failed to carry out due diligence on their staff. It is imperative that only vital members of the team have access to personal data and thus, these members of staff should be subject to rigorous vetting procedures to ensure they understand why they can’t share their customers personal data online. Surely, the essence of the blockchain means that a crypto exchange can run a large-scale operation, yet only allow a handful of staff to actually be able to see live personal information of this nature? We should recognise the efficiency in which Bitkoex have dealt with this incident. They have taken appropriate steps to ensure that customers assets remain safe, but, the major problem is that this has been allowed to happen in the first instance. Realistically, their next response should be to provide clearer instructions to staff which stipulate exactly why this sort of thing is unacceptable, perhaps some further training is needed. Finally, we should expect Bitkoex to start to limit who has access to what. The bigger picture for South Korea is a gloomy one, surely there’s only so much negative news that Korean investors can take?