Coincheck, one of the biggest cryptocurrency exchanges in Japan, announced in a press conference that they will refund most of the funds that were stolen in what is said to be the largest heist in crypto history.

The Tokyo-based company promised that they will reimburse over 46 billion yen ($423 million) to their clients who lost their virtual assets (NEM) last Friday.

 In a country where more than 10,000 businesses accept payments in cryptocurrency, the theft left most investors in a shaky state, considering how this isn’t the first time something like this has happened in Japan. In 2014, Mt. Gox, another Tokyo-based exchange, was forced to shut down all operations after $400 million worth of Bitcoin was stolen from their network.

How It All Went Down 

Last Friday, rumors about a possible theft started circulating in the crypto space a few hours earlier when Coincheck abruptly halted all withdrawals and froze most of its services. According to an official announcement on the exchange’s website, the firm had suspended the withdrawal, deposit or trading of XEM, the token running on the NEM blockchain.

Thirty minutes later, suspicions rose as the restriction extended to all cryptocurrencies as well as the Japanese yen. Within an hour, except for Bitcoin trading, all other trading activities were halted, resulting in a site-wide shutdown. Based on latest updates, other deposit methods including credit cards have also been stopped.

Further investigation shows how the stolen NEM coins were stored on low-security “hot wallets” and not multisig wallets, which are much more secure. A hot wallet is essentially the part of an exchange that is connected to the internet, as opposed to a cold wallet, in which your funds are stored securely offline. According to representatives from Coincheck, the hackers were able to get hold of the private key to the hot wallet where all the NEM coins were stored and funnel them “illicitly” into an unknown address. When pressed by the media, Coincheck also revealed that all the other cryptocurrencies on the exchange were stored in multisig wallets – all except for NEM.

What Next?

 According to Coincheck, they received news about the addresses in which the stolen NEM are being stored, and plan to track the thieves with this tip.

Although the company did not disclose the number of investors that were affected by this attack, they promised to refund all of the stolen funds. When asked whether they will resume business as usual or declare bankruptcy because of this hack, Coincheck said that “in theory” they plan to do the former.