Earlier this week, a South Korean court acquitted Bithumb, which was accused by a client of allowing hackers to steal his cash and crypto holdings, in what appears to be an elaborate scheme by fraudsters. The security breaches resulted in the theft of cryptocurrency worth nearly 400 million Korean won ($355,000).
A user of the world’s largest cryptocurrency exchange, Ahn Park, claimed that on November 30, 2017, a lack of Bithumb’s security allowed hackers to drain his account, except for a few cents, even after it increased security following an earlier hack.
The hacker managed to control Park’s account for a few hours, which was more than enough to exchange all cash balances for Ethereum.
It is unclear exactly how the thieves gained access to Park’s personal data, but the lawsuit suggests he could be one of Bithumb’s 31,000 users that saw their accounts records accessed via an employee’s home computer — later resulting in cryptocurrency thefts through phishing attacks.
The basis for the legal action stems from the fact that Bithumb was previously compromised. Park alleges that there are critical issues with the exchange’s servers which still haven’t been fixed.
The lawsuit also raised questions over the obligations of exchanges, and whether they can be held liable for security breaches to live up to their fiduciary duties.
Why Ethereum Needs Layer 2 Solutions More Than EverGo to article >>
The Seoul-based exchange defended itself and argued that it is not responsible for compensation because it is not a financial company, an electronic financier, or an electronic financial assistant.
Crypto Not Legal Tender
Ultimately, the court acquitted Bithumb of charges relating to alleged theft and also agreed to its argument that it is not a financial company. The judge also said Bithumb had sufficiently fulfilled its fiduciary duty to Park when it sent him 10 SMS messages to alert him of ETH transactions carried out by the hacker.
He added that cryptocurrency is “mainly used as speculative means, so it cannot be regarded as an electronic means of payment.”
An official of the country’s Financial Supervisory Commission was previously quoted saying the same meaning when Bithumb was facing another class-action lawsuit over issues stemming from its server outage which went down on November 12.
He stated that there are many speculative factors and crimes such as receipt of similar and hacking are continuing. “Virtual currency is not financial money nor financial investment products at present. The government says you should do it at your own risk, even if you do not recommend the transaction,” the FSA representative adds.
Around 3,000 plaintiffs are seeking unspecified damages and compensation for legal fees, as well as certification for class-action status. At the time, Bithumb said that it is still discussing how it will move to pay back users, apologizing for the losses and stating that the exchange “will meet its legal and social responsibilities concerning this issue.”
The document corresponding to the lawsuit also states that one of the main reasons for the claim is the fact that Bithumb was previously hacked in June.