DB Insurance — one of South Korea’s four biggest property and casualty insurers and the company that holds South Korean cryptocurrency exchange Youbit‘s policy — has denied a claim that the exchange filed after a hack in December of last year drained it of “about 17% of [its] total assets.” Youbit claimed that the insurance money, which could have added up to $2.8 million total, would be used to pay out customers affected by the hack.
According to Yapian, Youbit’s parent company, the insurer had accused it of rushing to acquire the policy (which had taken effect just weeks before the hack) and for failing to make certain important disclosures during the negotiating process. Yapian denies both charges and accuses DB Insurance of fabricating obstacles to avoid having to cover the claim. A spokesperson for DB Insurance confirmed yesterday that the company had rejected Yapian’s requests, but declined to disclose a reason why.
Security has become a critical concern for the cryptocurrency industry, which is facing increased scrutiny from regulators around the world. Earlier this month, Japan’s Financial Security Agency (FSA) suspended operations of the exchanges Bit Station and FSHO in attempts to protect customers’ assets. Late last year the South Korean government fined BTCKorea.Com Co., operator of the country’s second-largest crypto exchange, Bithumb, after a hack compromised the personal information of thousands of its users.
And let’s not forget Coincheck: in January a hack netted cybercriminals 523 million NEM tokens, worth over $425 million at the time. Eventually, the hack was blamed in part on Coincheck’s bad security protocols, where customers’ tokens were stored in a non-secure wallet.
The company responded to the hack immediately by making a statement that it would reimburse 90% of the value of the stolen coins. Since then customers have enacted two separate class-action lawsuits that accuse Coincheck of paying out at lower rates that is fair for customers.
These issues help to highlight the fact that centralized cryptocurrency exchanges are not the safest places to store coins. The centralization of various components of the trading platforms provide an opportunity for hackers to break into systems to steal user data, sensitive financial information, and even reallocate user funds.
A large majority of attacks against these platforms have been made possible due to lax security method employed by the firms that operate them; when looking to store your own coins, it’s important to research what security features an exchange utilizes.
Look for 2FA — two-factor authentication — for logins, PGP-encrypted email communication, and email and SMS alerts. These are the basic hallmarks of any safe cryptocurrency exchange. Exchanges should also store most of its users’ funds offline in cold storage. Additionally, exchanges should undergo regular financial audits to show proof of reserve, and security audits to show that its platform is well-guarded against attacks and potential technical issues.