Coincheck
HackedExchange · born 2012 · ✝ 2018
$534M in NEM walked out of a hot wallet with no multisig.
Coincheck was one of Japan's largest crypto exchanges when, in January 2018, attackers drained roughly $534M worth of NEM (XEM) — the biggest exchange theft at the time. The tokens sat in an internet-connected hot wallet with no multisignature protection.
- Peak
- ~$534M stolen (NEM)
- Cause
- Hacked
- Year of death
- 2018
☠️ Cause of death
NEM holdings were kept in a single hot wallet without multisig, and the private key was compromised. The exchange survived only because Monex Group acquired it and reimbursed affected users from its own funds.
📓 Lessons left behind
- —Hot wallets are for liquidity, not for the treasury.
- —Multisig on every supported asset is non-negotiable.
- —A deep-pocketed acquirer can save users but not the security record.
🌱 The idea that survived
Cold-first, multisig custody
Japanese regulators forced exchanges toward cold-storage ratios and multisig after Coincheck — the discipline survivors now advertise.
#exchange#hot-wallet#japan#nem