Seoul Southern District Court ruled that cryptocurrency exchange should compensate for losses incurred victims during the hacking.
According to the decision of the Seoul District Court, CoinOne (the defendant) is to pay the plaintiff 25 million won ($ 20,890).
As of November 22, 2018 on the accountThe plaintiff held 9 cryptocurrencies, including 47.7 million won and 2718.33894 EOS. On December 23, the funds were used to purchase BTC and transferred to someone else's account.
Login IP address was the VPN server addressin the Netherlands. At the same time, the hacker used the password and the individual claimant's Google Authenticator to conduct the transaction. In accordance with CoinOne’s policy, the daily withdrawal limit by transferring cryptocurrency to the plaintiff’s account was 20 million won. Despite this, the hacker managed to steal a large amount.
The plaintiff insisted that minimal transaction protection measures, such as blocking access to other people's IP addresses, were not set sufficiently, and that BTC exceeded the withdrawal limit.
According to the defendant, CoinOne is not required toprotect the transaction, because the transaction in this case is not a leak or absorption of the plaintiff’s personal information, and the withdrawal limit is set in accordance with a separate government policy and cannot be considered a violation.
In turn, the judge said that the exchange is obligedintroduce withdrawal limits to prevent financial losses, and if this restriction is not respected, exchange operators must be punished. The court ruled that CoinOne should pay the plaintiff 25 million won.