The South Korean authorities have issued fines to eight of the largest cryptocurrency exchanges in the country as a result of their poor security standards. The exchanges include the likes of Coinpia, RippleForYou, Coinplug, Upbit, Coinone, and Korbit. The size of these fines ranged from $10,000 up to $25,000.
Identifying Shoddy Security Measures
Bithumb is currently the second most significant South Korean exchange, as well as being the fourth most popular crypto exchange in the world regarding trading volume. To the relief of many, they are one of the few exchanges in South Korea not to receive these fines.
It was the South Korean Communications Commission (KCSC) who issued these fines due to violations that the exchanges made about the Information and Communication Network Act and Privacy Act.
It is believed that there was an investigation carried out between October 10, 2017, and December 28, 2017, in the South Korean exchanges by a number of state agencies. The most notable include, the South Internet Development Agency, the Ministry of Science, Technology, and Information as well as the KCSC.
There were ten exchanges under investigation, and eight of them were found to have committed security violations. Such negligence is, of course, a serious issue due to the sheer amount of currency with which are dealt on a daily basis through these platforms. In a similar case, Japanese exchange CoinCheck was recently robbed of nearly half a billion dollars worth in NEM (XEM).
These potential attack vectors are highly attractive to hackers who could exploit and create disastrous consequences both for the exchange in question and all of its users.
Maintaining Quality as User Base Swells
The trading volume of cryptocurrencies in South Korean has been increasing at a rapid clip which means many exchanges have been struggling to keep up with the demands being placed on their platforms.
Acceptable security measures for smaller user bases may have been sufficient, but it is now becoming clear that they need to be drastically improved in many cases. Such security measures as user protection, storing passwords of users, operation, and installation of access control devices, have been integrated poorly by many of these exchanges.
Regarding specifics, Yapian and Coinone received penalties combining more than $50,000 due to their failure in securely storing sensitive user information and account passwords. In particular, they had not segregated the accounts of users that hadn’t been active for over 12 months.
Korbit, the third biggest exchange in South Korea, received a fine of $20,000 for not having adequate tools for security breach detection or having a system to prevent server intrusion. Upbit, which is the leading crypto-to-crypto exchange in the country, received a $20,000 penalty due to violations of the above mentioned Privacy Act.
A spokesperson from KCSC claimed that the fines were “far too small” and that the commission is aware of this. The reason for the smaller size fines is due in part because this was the first occasion said exchanges had been found in violation of the Privacy Act and other relevant policies.