Tokyo-based cryptocurrency exchange Coincheck has begun reimbursing customers who have lost their funds in the January hack that resulted in the theft of some $530 million worth of NEM coins (XEM).
On Monday, the Japanese exchange announced on its website that the “reparations for illicitly transferred NEM” tokens have commenced. The refunds will be made in Japanese yen (JPY) at a fixed rate of JPY88.549, or about $0.83 per NEM token stolen at the time of the theft on January 26. This is the same amount indicated in Coincheck’s initial compensation plan and is twice the current trading value of the XEM token, which is trading at under $0.40 at the time of writing.
“Reparations will be made directly to users’ accounts’ balances on Coincheck, not to bank accounts registered to accounts,” according to the exchange. “We will be completing withdrawal requests in the order that they come in, so it may take a short period of time for your transfers to be completed after withdrawals resume.”
Withdrawals in Japanese yen from Coincheck platforms will incur a fixed fee, and the exchange urge its customers to complete their identity verifications. Completed identity verification is required for JPY withdrawals, although clients are eligible for XEM refunds whether they have completed their identity verifications or not.
The announcement of a refund comes almost one month after the beleaguered cryptocurrency exchange resumed yen withdrawals on its platform. At the time, Coincheck received withdrawal requests amounting to JPY40.1 billion ($373 million) from customers seeking to get their money out of the exchange.
Coincheck promised to pay the 260,000 users affected in what was considered as the biggest theft in world history, effectively dethroning the infamous Mt. Gox hack. The January heist saw hackers getting ahold of 523 million XEM from Coincheck’s hot wallet.
The government’s Financial Services Agency (FSA) has been keeping close tabs on the exchange. Last week, FSA authorities slapped Coincheck with a second business improvement order after it was determined that the company’s risk management and consumer protection measures were not up to the required standards.
Executives at Coincheck hinted that the theft was caused by a possible malware-related incident, but police investigators discovered “multiple suspicious transmissions” were made from Coincheck’s intracompany network to Europe and U.S.-based servers around Jan. 23, three days before the theft occurred. The transmissions were allegedly phishing emails targeting employees at Coincheck.
Several customers have already filed a lawsuit seeking the return of their XEM and 12 other kinds of cryptocurrencies. Other victims have also formed groups to request their cryptocurrency holdings back.