Coincheck suffers security breach

[BTC Future 3946]

Japanese exchange Coincheck, famous for a major hack of around $500 million USD in cryptocurrencies (mostly XEM which Coincheck kept in a hot wallet!) which happened in January 2018, has once again suffered a security breach.

 

This time no funds were stolen but it was private data of around 200 users that leaked, after these users used the exchange email service for various inquiries. It seems that some vulnerability allowed hackers to steal personal data such as emails, names, addresses, phone numbers and even selfies that the exchange was asking for KYC purposes. These 200 users had contacted through email Coincheck during May 31st and June 1st.

 

This is the second major exploit happening to exchanges lately having as a target the personal data of exchange users.

Last one I covered on this article and had to do with Kraken.

 

 

Source: https://www.theblockcrypto.com/linked/67278/crypto-exchange-coincheck-says-it-suffered-a-data-breach-which-may-have-exposed-some-users-personal-information?utm_source=cryptopanic&utm_medium=rss

 

 

Edited June 3, 2020 by BTC Future
grammar mistakes

[bitcoinb 1359]

This is sa sad news. Another proof that no website in invulnerable. I hope some members will learn from this news and understand some important things:

• always use unique login details for each website
• always use a strong password
• never store on an excange platform more than you plan to use for trading
• prefer to use a non-custodial wallet
• use antivirus
• ALL WEBSITES ARE VULNERABLE

[magd 5231]

Blame can not be placed on the management of this Japanese platform only, but there is an error by users because this leak occurs only when traders share their mail and personal information with external parties, as the poor level of exchange security with this error from users contributed to facilitating the penetration

[bitcoinb 1359]

5 minutes ago, magd said:

only when traders share their mail

It is possible for a hacker to intercept transiting informations. I don't remember the name of this method. VPNs are supposed to block this method.

[malik6314193 5449]

I think members of that exchange should leave that exchange which can't maintain their security. There are a lot of best exchanges which are best in every aspect then why people choose such exchange which can not safe their data. 

[Whited35 15285]

Really not a good news. I think this sort of security breach is responsible to give a real FOMO. I have got really negative once I  heard that terrible incident of last BitFinex hacking after that I have avoided to put money in exchange wallet for a long time. 

[IlkayMkay94 0]

After a certain point you just have to question their diligence and security protocols, imagine having BTC with them that you can't cash, nasty situation

[Crypto123 0]

This is what makes me hate KYC and I have been saying this for a long time. How can anyone be safe with their private data on any website? All websites are vulnerable to penetration, no matter how strong their protection is, and thus to be safe that no one gets your documents and does not use them illegally?

[BTC Future 3946]

7 hours ago, Crypto123 said:

This is what makes me hate KYC and I have been saying this for a long time. How can anyone be safe with their private data on any website? All websites are vulnerable to penetration, no matter how strong their protection is, and thus to be safe that no one gets your documents and does not use them illegally?

It seems that all are vulnerable and that they do not actually care much about protecting their users privacy either. We just hope that they are doing their job correctly and trust centralized services but it is always a person that has access to them. Sometimes this person might allow this to happen, or leak the documents and data himself. Do you trust that person that an exchange has hired? We don't even know him, how can we trust him? Do you trust Coinbase and Kraken that they won't give all your private data away to governments or that they won't sell them to marketing companies as facebook and twitter has done so far extensively?

[Jessica Karren 1242]

Why Coincheck exchange is not taking it's security seriously, it's the 2nd attack on this exchange. If this continues then people will leave to use this exchange. These types of incidents hugely afftects the reputation of any platform.

[Nab 263]

this is something that happens continuously because many exchanges do not have a high level of security to stop the cyber attacks that hackers make,every day there ara many attacks not anly to exchanges but also to financial companies and even government offices in some countries.

[Yomose 3704]

The exchange was ones hacked but still better if only data were stolen in the second hack, but the issues of the exchange needs to be very careful of any phishing attack because it can lead to such but the ones that have knowledge about it will not be affected by avoiding it. 

[Zaino34 0]

This is what makes a lot of members hate joining sites that request KYC, but I don t know why hackers did not steal money instead of stealing people’s data. This is really incomprehensible, and for this matter we should not share our personal information with any site and move away from these sites as much as possible.

[BTC Future 3946]

1 hour ago, Zaino34 said:

This is what makes a lot of members hate joining sites that request KYC, but I don t know why hackers did not steal money instead of stealing people’s data. This is really incomprehensible, and for this matter we should not share our personal information with any site and move away from these sites as much as possible.

Most exchanges lately use cold wallets to store cryptocurrencies, and have a small percentage they use for withdrawals, so hackers are lately trying to built databases of the crypto traders and perhaps try and attack their systems individually. I'd be really careful if I owned a large amount of crypto and storing it in exchanges as these that had all the personal data not secure.

Edited June 24, 2020 by BTC Future

[Honny143 13612]

Its really bad new for crypto investors because why investors store their funds in this exchange, because this exchange store safely but this exchange do scam and sell users data, its really big crime and why peoples trust in this exchange I can't understand, once verify exchange then invest its better.

[BTC Future 3946]

On 7/4/2020 at 4:06 PM, Honny143 said:

Its really bad new for crypto investors because why investors store their funds in this exchange, because this exchange store safely but this exchange do scam and sell users data, its really big crime and why peoples trust in this exchange I can't understand, once verify exchange then invest its better.

I wouldn't trust them after getting hacked the first time. They obviously lack skills to secure the funds, or as you said they were the culprits themselves. Usually the main suspect is the exchange itself or someone inside it.

[BTC Future 3946]

9 hours ago, Ema watson said:

 then why pick such alternate which can not safe their facts.

I am not sure. This is a Japanese exchange so perhaps it is mostly used by people from this country. I guess they had a lot of marketing and events to make people choose them. Still as you said there are always alternate options available which are better for traders. 

Also it is a fact that we should not feel safe with exchanges holding our funds. There are a few that have proven to be secure but you never know.

[Cryptomint 433]

Yes this was a big attack from the thieves. And they stolen a lot of money at that time. And now also they try to snatch money.

[Abdulrahman3 1252]

Hacking incidents have increased a lot in the recent period, and the reason is the increase in the number of people working in the field of penetration after they learned that it brings them a lot of money if we put morals on the ground, and it is clear that it is easy for them to abandon their morals. But as far as this hack is concerned, I think if they took the money, it would be better than stealing people's personal information.

[ShiNorton 906]

Many platforms faced security breach. Hackers are very active & they can attack the system anytime when they are aware of fault in the platform. I think Coincheck developers should take action immediately to maintain the system correctly.

[Henri1111 120]

You've noticed why the exchange doesn't take security seriously. If it continues, people will stop using this exchange. Incidents like this are hugely linked to the reputation of any platform and many people save money but never get it back. If it is stolen, such incidents always happen. So everyone will be safe.