(Bloomberg) -- Coincheck Inc. users withdrew 40.1 billion yen ($373 million) from the cryptocurrency exchange on Tuesday, the first day customers were allowed to pull out in the wake of the cyber-theft of about $500 million last month.
The target of the biggest theft of digital coins in history on Tuesday began allowing yen withdrawals for the first time, triggering the exodus of money. Chief Operating Officer Yusuke Otsuka is still sticking to promises to compensate users, though he wouldn’t go into the root causes of the heist during a hastily arranged briefing in Tokyo.
The exchange is considering capital alliances and has engaged an external firm to verify its security before resuming full operations, he told reporters. Coincheck earlier submitted a report to Japan’s Financial Services Agency explaining how the hack occurred, what kind of support will be provided to customers and how systems will be bolstered to prevent future hacks, the company said in a separate statement.
Otsuka wouldn’t divulge further details. The FSA will now review Coincheck’s report to decide whether to grant a license to the exchange, which was allowed to operate without one before the theft.
The $500 million hack, the largest in a run of cryptocurrency heists that stretch back to Tokyo-based Mt. Gox in 2014, has increased calls for stricter oversight of the fast-growing industry. Governments have struggled to regulate Bitcoin and other currencies, with some imposing sweeping bans while others remain permissive. Japan has tried to navigate a middle road by allowing most operations to continue while enacting new regulations in April.
“We plan to continue making meaningful improvements to our system,” the company said in its statement. “We promise to continue working tirelessly to regain your trust through meaningful and tangible improvements to our services and platform.”
It’s unclear whether Coincheck identified the cyber-thieves. South Korea’s spy agency is said to have begun investigating the possibility that North Korean hackers orchestrated the theft.
The exchange is still allowing users to trade Bitcoin, but has frozen all other activity on its platform. While Coincheck’s promised to reimburse victims of the hack, it’s neither begun that process nor provided details of its plan. It repeated on Tuesday that it has the funds to do so. Otsuka said he sees a rough a timeline for that happening, but didn’t elaborate.
As for other cryptocurrencies such as Ether and Ripple on deposit, Otsuka said withdrawals will be allowed after security checks with the third-party firm it’s engaged, but would likely take place only after reimbursing those whose NEM coins were stolen.
“We are continuing to confirm and improve the security of our systems in order to resume transfers of other cryptocurrencies and begin reparation payments as soon as possible,” the company said.
Separately, the FSA on Tuesday ordered Macau-based Blockchain Laboratory Ltd. to stop operating in Japan without a license. The startup offers seminars and consulting services on cryptocurrencies in Japanese, according to its website. Co-founder Jay Liu said he could not immediately discuss FSA’s order, while FSA officials said the company was not applying for an exchange license.