Coincheck: Japan's $530 Million Wake-Up Call
$530 million stolen from a hot wallet. In Japan. Again.
Four years after Mt. Gox collapsed in Tokyo, Japan got hit again. Coincheck, one of the country's biggest exchanges, lost $530 million in NEM tokens from a single hot wallet. At the time, it was the largest crypto theft ever recorded.
The attack was embarrassingly simple. Coincheck stored all its NEM in a hot wallet connected to the internet. No multi-sig. No cold storage. The hackers got in, grabbed the private keys, and cleaned out the entire wallet in one transaction. Half a billion dollars, gone in minutes.
What happened next was unexpected. Instead of filing for bankruptcy like Mt. Gox, Coincheck's executives held a press conference and promised to reimburse all 260,000 affected customers from the company's own funds. And they actually did it. Every user got paid back in Japanese yen at the rate NEM was trading when the hack happened.
The hackers tried to launder the NEM through a network of exchanges, but the NEM Foundation tagged the stolen tokens on the blockchain, making them traceable. Most exchanges refused to process them. It didn't lead to arrests, but it did make the funds extremely difficult to move.
Japan's Financial Services Agency came down hard. They hit Coincheck with a business improvement order and forced major security overhauls across the entire Japanese exchange industry. Monex Group, a major Japanese brokerage, bought Coincheck for a bargain price a few months later.
The Aftermath
Coincheck survived by doing the one thing Mt. Gox couldn't: making customers whole. All 260,000 affected users were reimbursed in Japanese yen. Monex Group acquired the exchange for a bargain price. The hack triggered Japan's comprehensive crypto exchange regulations, making it one of the most tightly regulated markets in the world. The hackers were never identified.
COMMENTS