Hackers hack into Japanese cryptocurrency exchange Coincheck, steal customer data including emails and passwords
Two days ago unknown hackers hacked into the Japanese cryptocurrency exchange Coincheck and stole customer information including email/phone number/date of birth, etc. Coincheck detected the hack immediately and put out a press statement detailing how the hack took place.
According to the press statement, hacker/s accessed the DNS records for the coincheck.com domain at the firm’s third-party domain registrar, Ome.com, and changed the login credentials. They were also forward incoming emails from Coincheck customers to the exchange to themselves.
Coincheck says that the hackers could have customer details of nearly 200 clients who emailed Coincheck between May 31 to June 1 and these details could be used for malicious purposes. The Coincheck security team immediately noticed the intrusion but not before the hackers were able to gain access to the emails. The Coincheck security team undid the changes the hackers did to the domain records and have asked Ome.com to investigate how the hackers were able to access the DNS records.
In the meantime, Coincheck has temporarily stopped cryptocurrency remittances by traders. However, the exchange said that services such as depositing/withdrawing Japanese Yen and receiving/purchasing/selling cryptocurrencies can be used as usual.
Coincheck is not new to hacking incidents. In 2018, unknown hackers hacked into its servers and stole bitcoins, ethereum, and other cryptocurrencies worth $500 million. The hackers from that particular hack have not been identified as of yet.