One of the world’s largest cyber-currency exchanges is under investigation after it acknowledged that one of its employee’s PCs had been hacked.
South Korea-based Bithumb has said that it believes personal details of more than 30,000 of its customers were stolen as a result.
It appears the data was subsequently used to fool users into letting thieves steal funds from their accounts.
Bithumb has promised compensation.
But the Korea Internet and Security Agency, a local government-empowered watchdog, has launched an inquiry into the matter, according to the Yonhap news agency.
Bithumb allows its members to buy and sell the virtual currencies Bitcoin and Ethereum. It is South Korea’s biggest cryptocurrency exchange, based on recent trading volumes, and one of the five largest in the world.
The breach is reported to have occurred in February, and is said to have involved an employee’s home PC rather than computer servers at the firm’s headquarters.
Bithumb is reported to have discovered the breach only on 29 June and reported it to the authorities the next day.
Although a notice posted to the company’s site said the leaked data did not contain passwords, dozens of customers have reported receiving follow-up scam calls and texts in June that persuaded them to share their accounts’ authentication codes.
Bithumb has promised initially to cover losses of up to 100,000 won ($86; £67) per customer, and to add to this once it has been able to verify individual losses.
But it is unclear whether victims will be compensated in full.
An unverified local report said one member claimed to have lost 1.2bn won ($1.04m; £806,000).
At present, virtual currencies are not regulated by South Korea’s financial authorities and efforts to address the matter have made little progress.