TOKYO -- Tech Bureau, the operator of Japanese cryptocurrency exchange Zaif, reported on Thursday morning that hackers had stolen 6.7 billion yen ($60 million) worth of digital currencies.
Of the amount stolen, about 4.5 billion yen belonged to exchange customers.
The exchange was hacked between 5 p.m. and 7 p.m. on Sept 14. Three types of digital coins -- Bitcoin, Bitcoin Cash and Monacoin -- were stolen from "hot wallets," which are connected to networks at all times.
The company did not detect the hack until Sept. 17, after which the exchange immediately stopped all transactions. Tech Bureau confirmed the hack on Sept. 18, reporting it to the Financial Services Agency and investigative authorities.
In order to compensate customers for their losses, Tech Bureau will sell a majority of its shares to a group company under financial services provider Fisco.
The group company will inject 5 billion yen into Tech Bureau as the two companies work to complete an agreement by the end of the month.
Tech Bureau has also contracted with system consultant Caica to beef up security.
In January, Japan's cryptocurrency markets were rocked when Coincheck lost 58 billion yen worth of NEM digital currency in a hack, which also targeted hot wallets.
Tech Bureau was one of 16 FSA-licensed exchanges. The agency directed cryptocurrency exchanges in March and June to improve their business operations.
"We are gathering intelligence concerning the breach," said police investigating the hack.
From January to June this year, Japan's National Police Agency had learned of 158 cryptocurrency thefts totaling 60.5 billion yen. This compares with 149 thefts totaling 660 million yen for all of last year.
Among the thefts in the first half this year, Bitcoin saw the largest number of cases at 94, worth about 860 million yen. Ripple is next in line, at 42, leading to losses of about 1.52 billion yen, followed by Ethereum at 14, totaling about 61 million yen.
Large hacks receive the most attention, but most thefts are from accounts held by individuals with low awareness of proper security.
The NPA has warned cryptocurrency users of the danger of using the same ID and password across online services and phishing emails aimed at luring people to fake websites to steal their password and other sensitive information.