The perpetrators allegedly scammed $18.7 million from the elderly and retirees.
Japan-based cryptocurrency exchange Bitpoint announced it lost 3.5 billion yen (roughly $32 million) worth of cryptocurrency assets after a hack that happened late yesterday, July 11.
The exchange suspended all deposits and withdrawals this morning to investigate the hack, it said in a press release.
In a more detailed document released by RemixPoint, the legal entity behind Bitpoint, the company said that hackers stole funds from both of its “hot” and “cold” wallets. This suggests the exchange’s network was thoroughly compromised.
Hot wallets are used to store funds for current transactions, while the cold wallets are offline devices storing emergency and long-term funds.
Bitpoint reported the attackers stole funds in five cryptocurrencies, including Bitcoin, Bitcoin Cash, Litecoin, Ripple, and Ethereal.
The exchange said it detected the hack because of errors related to the remittance of Ripple funds to customers. Twenty-seven minutes after detecting the errors, Bitpoint admins realized they had been hacked, and three hours later, they discovered thefts from other cryptocurrency assets.
Another three and a half hours later, after a meeting with management, the exchange shut down, and law enforcement notified.
Two-third of stolen funds belonged to customers
The exchange also said that 2.5 billion yen ($23 million) of the total 3.5 billion yen ($32 million) that were stolen were customer funds, while the rest were funds owned by the exchange itself, as reserve funds and profits from past activity.
The exchange did not say if it can or plans to refund customers.
Bitpoint is the third major Japan-based cryptocurrency exchange to suffer a major hack in the past years.
In September 2018, the Zaif cryptocurrency exchange lost $60 million following a hack. In 2017, cryptocurrency exchange Coincheck was hacked for $530 million.
Both exchanges were forced by Japan’s financial regulators to pay back customers after their hacks.