Japanese exchange Coincheck lost 523M NEM tokens stored in a single hot wallet without multisig protection.
Coincheck stored all NEM tokens in a single hot wallet without multisig security, contrary to NEM Foundation recommendations. Attackers gained access to the private key, likely through malware on an employee's computer, and drained the entire NEM holding in one transaction.
NEM Foundation implemented an automated tagging system to mark stolen XEM. Most exchanges refused to accept tagged XEM. Funds were sold on darknet markets and converted through OTC desks. Despite tagging, Coincheck repaid customers ~$430M from company funds.
N/A - NEM blockchain transaction