$60m cryptocurrency hack: Japanese financial regulators have their say

$60m of cryptocurrency has been taken from the Japanese Zaif exchange, it’s been confirmed. And the Japanese government isn’t happy about it.

The Japanese cryptocurrency exchange Zaif confirmed last week that it was the latest to fall foul of successful attack by hackers.

The hack in question took place earlier in September, and was discovered by the exchange the Monday before last. Formal confirmation followed on the subsequent Tuesday, as Zaif got in touch with the relevant authorities and filed a report about the hack.

But those authorities are not happy. Now, Japan’s financial regulator has had its say, and it doesn’t make good reading for Zaif. It’s said that the company behind the exchange has failed to provide good enough details on how thieves managed to hack it, nor explain the delay in reporting the breach.

Furthermore, it turns out that the company behind Zaif, Tech Bureau, was already in the crosshairs of Japanese financial regulators. “It is extremely regrettable that such an incident happened when (Tech Bureau) was given two business improvement orders”, an official was stated as saying, as per a Reuters report.

The actual hack itself took place between 5pm and 7pm on September 14th, and exposed vulnerabilities in the exchange’s hot wallets. Three different types of cryptocurrency were successfully withdrawn in the hack – Bitcoin Cash, Bitcoin and MonaCoin – totalling some $60m worth of coins in all. The majority of that was Bitcoin.

Moving onto Wednesday, Zaif then moved to suspend user deposits, as well as withdrawals. It took this step whilst its staff ascertained whether or not any traces of the hackers remained.

Zaif does plan to pay back customers affected by the hack, and is reportedly seeking a loan to help it do so.  But it’s clearly not going quickly enough.

The official announcement from Zaif can be found here. In it, the firm confirms that it is now checking and strengthening its security, and it apologies to customers for any inconvenience caused as a consequence. There are still no firm clues as of yet to the identity of the hackers.