South Korean digital currency exchange Bithumb has announced plans to compensate its users for any damages suffered because of compromised customer data records. The company has confirmed that roughly 30,000 customers had their data stolen when an exchange employee’s personal home computer was hacked. According to the online news site, BraveNewCoin, the company claims that the hack didn’t involve the Bithumb main server:
"The employee PC, not the head office server, was hacked. Personal information such as mobile phone and email address of some users were leaked. However, some customers were found to have been stolen from because of the disposable password used in electronic financial transactions.”
Reports indicate that the data compromise was first discovered last week, and authorities were alerted on June 30th. Yonhap News is reporting that the country’s internet watchdog, the Korea internet & Security Agency, has launched an investigation into the cyberattack. That agency is reportedly collaborating with the Korea Communications Commission in its probe of the incident.
In a blog post this week, Bithumb outlined its plans for compensating affected users:
“All members who have confirmed personal information leakage today have received a 100,000 won compensation for their account. In addition, for the members who suffer additional damage due to this incident, we will compensate the entire amount of damages in a responsible manner by the representative exchange as the damage amount is fixed.”
The “additional damage” mentioned in the company’s statement is a reference to some exchange users’ claims of financial damages related to the compromise of their personal information. There have been numerous complaints from customers who were victimized by phishing scams or other nefarious means, resulting in the loss of billions of won.