(2019)

Bitpoint

1000 BTC

Monetary Impact

$50,000,000

Month

July

Year

2019

Type

Exchange

Network

Ethereum

Platform Status

Operational

Cause

Wallet Compromise

Incident Review

Bitpoint Hack Report

Overview:
On July 12, 2019, Bitpoint, a licensed Japanese cryptocurrency exchange, was hacked, resulting in significant losses and impacting trust across the crypto ecosystem. Despite its reputation for security and compliance, attackers breached its defenses, highlighting vulnerabilities in hot wallet security.


Background and Incident Details

  • Security Measures: Bitpoint reportedly used standard protections like password hashing and two-factor authentication (2FA) for some operations.
  • Method of Attack: Likely a hot wallet compromise, possibly through phishing or malware targeting employees.
  • Exploit Description: Attackers accessed credentials for Bitpoint’s hot wallets, allowing them to drain large sums of cryptocurrency.

Impact Analysis

  • Financial Impact: Roughly 342,000 ETH (~$50 million USD) were stolen.
  • Service Disruption: No major outages reported.
  • User Trust: Severely damaged by the breach.
  • Market Reaction: ETH experienced a temporary price dip due to the incident.

Response and Resolution

  • Bitpoint’s Response: Initially minimized the hack, later acknowledged its scale and implemented security upgrades, including bug bounty programs.
  • User Compensation: Bitpoint did not reimburse affected users, citing lack of responsibility for the compromised credentials.
  • Law Enforcement: U.S. authorities filed a civil forfeiture complaint to recover laundered funds; Japanese regulators likely conducted their own probe.
  • Regulatory Impact: Prompted calls for stronger exchange oversight in Japan.

Security and Compliance

  • Key Failures: Weaknesses in hot wallet management and vulnerability to phishing/social engineering.
  • Regulatory Context: Bitpoint was licensed, but Japan’s crypto regulations were still maturing, lacking robust security mandates.

Broader Implications for the Crypto Industry

  • Hot Wallet Security: Reinforced the need for stronger controls and limited use of hot wallets.
  • Multi-Signature Wallets: Highlighted the benefits of requiring multiple sign-offs for crypto transfers.
  • Exchange Accountability: Intensified demand for transparent security practices and clear breach response protocols.

Conclusion

The Bitpoint hack exposed critical flaws in a regulated exchange, especially concerning hot wallet protection. The absence of user compensation further eroded confidence. Future recovery hinges on transparency, advanced wallet security, and user education.

Have a hack to report? Contact us. or Share this report

UEEx makes trading easier

Join the official Telegram Channel

©2025, UEEx All Rights Reserved FINTRAC Registered