On September 25, a South Korean court ruled that cryptocurrency exchange service CoinOne was responsible for a hack on their service and ordered to pay 25 million won to an investor as part of the judgment. The investor’s personal login information was stolen, allowing for the hacker to take more than 45 million won despite a daily withdrawal limit being set at 20 million won.
In his petition, the plaintiff claimed that CoinOne was legally responsible because the daily limit should have blocked the hacker from being able to steal this amount. He further claimed that the basic security of the system should have blocked overseas IP addresses, but that the safeguards protecting these accounts were not sufficient.
CoinOne fought the allegations, claiming it was not their responsibility to secure the personal contact information of users. If they claimed the login information was stolen, that staff did not occur from any activity or negligence by CoinOne.
They also argued that the withdrawal limit being exceeded was a regulation imposed by the South Korean government, but would not have taken effect in this particular case because the transaction was generated from overseas. Thus, they concluded, they were not responsible for the total amount being stolen
The court found that only one of those arguments was valid, finding that the company’s failure to block the foreign IP address was proof of negligence, but not necessarily proof of culpability. Because the IP address was coming from a foreign location, that should have been a red flag that should’ve blocked the transaction.
However, the court did not hold CoinOne responsible for this part of the claim. While feeling that safeguards should have been implemented to bar the transaction in the first place, the company was only held responsible for the amount lost over the daily limit. Thus, the court ordered that 25 million won be paid to the plaintiff.
These kinds of occurrences have become commonplace for South Korean exchanges. Bithumb had been hacked twice in the last 15 months, losing as much as $51 million during that time.
A December review of the 21 primary crypto exchanges in South Korea found that only seven were in compliance with the 85 security protocol set by the government. Both Bithumb and CoinOne were given a passing grade. Their level of security was deemed at the highest level, but this did not stop these kinds of attacks from occurring. That has many wondering if these exchanges and accounts can truly be protected at all.
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.