Coincheck NEM Hack — January 2018
The Tokyo exchange lost $530M in NEM tokens from a hot wallet — the largest crypto theft on record at the time. Customers were reimbursed in JPY at recovery prices.
Coincheck was one of Japan's largest cryptocurrency exchanges and the country's most prominent venue for NEM/XEM trading.
On the night of 26 January 2018, attackers obtained the private key to Coincheck's NEM hot wallet and transferred approximately 523 million XEM to addresses they controlled. The full balance of NEM held by the exchange was in a single internet-connected wallet without multi-signature controls — both architectural choices that NEM developers had publicly described as inadequate for exchange-scale custody.
Japan's Financial Services Agency issued business improvement orders against Coincheck within a week. Coincheck announced on 28 January that it would reimburse all affected customers in JPY at a fixed conversion price of ¥88.549 per XEM. Reimbursements were completed by mid-March 2018 from the exchange's own funds.
NEM developers attempted to trace and tag the stolen tokens but the attacker laundered them through over-the-counter conversion services to BTC and other assets. Most of the stolen XEM was never recovered. In April 2018 Monex Group acquired Coincheck and reopened it under stricter risk-management requirements.
Timeline
- Unauthorised NEM transfers begin
Approximately 523 million XEM moved from Coincheck's hot wallet across multiple transactions.
- Coincheck halts all withdrawals
Announcement at evening press conference. CEO Koichiro Wada apologises publicly.
- Reimbursement plan announced
All 260,000 affected customers to be repaid in JPY at ¥88.549 per XEM, ~88% of pre-hack price.
- Reimbursements completed
Approximately ¥46B paid out from Coincheck's own funds.
- Monex Group acquires Coincheck
Online brokerage takes ownership; exchange reopens under stricter risk management.
Who was involved
- Coincheckexchangevictim$530.0M