Bithumb blunder exposes dangers of crypto laxity

Bithumb, one of South Korea’s two largest cryptocurrency exchanges, mistakenly distributed about 61 trillion won worth of bitcoin on Feb. 6 as prizes in a customer promotion. The error occurred when an employee entered the payout unit as bitcoin instead of won, resulting in rewards 98 million times larger than intended. A simple input mistake nearly triggered a major financial crisis.

Bithumb paid roughly 240 recipients at least 2,000 bitcoin each, equivalent to more than 196 billion won per person based on that day’s trading price of about 98 million won per bitcoin. Transactions of this magnitude should have triggered automatic alerts or required verification by multiple staff members to prevent erroneous transfers. In this case, however, the exchange’s multilayered internal controls and security procedures failed.

As of the end of September last year, Bithumb reported holding 42,619 bitcoin entrusted by customers and 175 of its own. Despite this, the exchange distributed 620,000 bitcoin as prizes, roughly 14 times its combined holdings. In effect, Bithumb created and handed out so-called ghost bitcoin that existed only on its internal ledger, not in actual reserves, prompting criticism that the exchange effectively duplicated assets without backing.

In principle, cryptocurrencies are managed through decentralized ledgers on blockchain networks. In practice, however, most exchanges, including Bithumb, store customers’ deposited coins in their own wallets for convenience, recording transactions only on internal ledgers, much like banks. Until assets are withdrawn, customers’ coins exist solely on an exchange’s books. This system makes it difficult to detect when an exchange creates and circulates more coins on its ledger than it actually holds.

Bithumb says it has recovered most of the erroneous payouts, but some recipients sold the bitcoin they received and converted it into cash. As a result, bitcoin prices on Bithumb briefly fell about 10 percent compared with other exchanges, causing market disruption. Had the mistakenly distributed bitcoin been transferred to other platforms, recovery could have become impossible. Clear rules are needed to assign responsibility and establish procedures for restitution and compensation in such cases.

The Bithumb incident has exposed vulnerabilities that could allow hacking attacks or internal ledger manipulation to trigger major financial crises. Financial authorities must conduct a thorough investigation and strengthen safeguards to prevent similar incidents, ensuring that failures at cryptocurrency exchanges do not spread to the broader financial system.