ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronEye IconIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailMenu BurgerPositive ArrowIcon PrintIcon SearchSite TitleTitle ChevronIcon Twitter
Concerned users gather outside Coincheck offices in Tokyo on Saturday.
Cryptocurrency

Japan regulator warns more cryptocurrency attacks possible

After $530m heist, Coincheck to refund customers affected

TOKYO -- Following a huge virtual currency theft on Friday, Japan's Financial Services Agency has sent a rare notice asking all virtual currency exchange operators in the country to recheck the security of their systems.

The Saturday warning came after some 58 billion yen ($534 million) in customers' virtual currency holdings was stolen from Coincheck, a Tokyo-based cryptocurrency exchange, on Friday. It was the biggest cryptocurrency heist in the world, exceeding the one in 2014 when hackers stole about 47 billion yen of virtual money from Japanese bitcoin exchange Mt. Gox, causing it to collapse.

The FSA hopes to ensure there are sufficient internal controls at virtual currency exchanges and to prevent another theft.

Meanwhile, Coincheck said that it will issue refunds to all of the 260,000 of its users who have become victims of the hack. The exchange will use its own money to reimburse the customers, Coincheck said in an announcement.

One of the major cryptocurrency exchanges in Japan, it has attracted many customers by offering trade in a number of virtual currencies, and by spending heavily on advertising.

At a news conference late Friday, the company said nearly all of the NEM virtual currency held by its customers had been illicitly transferred out of the company's system at around 3 a.m. local time that day. The company has since halted withdrawals, deposits and trading of all currencies.

In its letter, the FSA warned that more large-scale cyberattacks could be mounted against cryptocurrency exchanges. The agency has told exchange operators to check their information and operation systems, take precautions against suspicious transactions and communications, and immediately report incidents that compromise security or other systems to regulators. The agency also instructed management not leave such tasks to their staff, but to get personally involved.

The agency rarely sends such notices to businesses. In April 2017, the agency revised the payment services law to require that virtual currency exchanges become registered. The revised law obliges exchange operators to manage customer assets and their own assets separately, but how to do this is left up to individual exchanges.

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Get Unlimited access

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends May 26th

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to the Nikkei Asian Review has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media