Tolu is a cryptocurrency and blockchain enthusiast based in Lagos. He likes to demystify crypto stories to the bare basics so that anyone anywhere can understand without too much background knowledge. When he's not neck-deep in crypto stories, Tolu enjoys music, loves to sing and is an avid movie lover.
A Cryptopia employee has told a Christchurch District Court that he stole NZ$250K from the crypto exchange by copying private keys.
The Cryptopia hack story has recorded a new development as a former employee has pled guilty to stealing close to $250,000 (US$171,969) from the New Zealand-based international crypto exchange platform. The ex-employee admitted to stealing NZ $250K worth of cryptocurrencies and customer data.
According to a recent report from a local news outfit, the ex-employee admitted to the Christchurch District Court on Monday. The admittance was through his lawyer, Allister Davis, to Judge Gerard Lynch. The former employee, whose name is withheld under an interim name suppression, has been remanded on bail.
At its peak, Cryptopia had 1.4 million customers and over 80 staff. However, the company suffered a terrible hack in 2019, which forced a liquidation process. While the hack saw the company lose at least $17 million in crypto, over $100 million (in 2021 prices) worth of customer funds were frozen. The company tried to recover the stolen funds without success but eventually had no choice but to file for liquidation, handled by accounting and consulting firm, Grant Thornton. However, the ex-employee’s theft is unrelated to the hack.
While still a staff, the former employee reportedly raised concerns with Cryptopia’s management about private keys. The unnamed employee allegedly told management that the security around private keys held for several companies was inadequate. At some point after that, the employee created copies of the private keys without due authorization. He then saved them on a USB drive and took them home to upload on his personal computer.
Cryptopia Employee Unravels
Last September, Grant Thornton reportedly received an email from a Cryptopia client reporting that he mistakenly sent Bitcoin to an old company wallet and wanted the funds back. This led to a further investigation which revealed that a series of transactions saw 13 bitcoin leave Cryptopia’s wallet. The employee also passed two of the bitcoin through a mixing service to mask their trail. About a week after the email, Grant Thornton received a message from the unnamed employee admitting he stole bitcoin and $10,000 worth of another asset. The employee said he had returned some of the loot and wanted to hand the rest over.
At the time of the transaction, the total amount of Bitcoin the employee stole was near NZ$235,000 (US$164,950). According to a reported summary of the facts:
“The defendant admitted that he was frustrated with Cryptopia but also motivated by the belief that he could get away with the theft as he thought nobody would ever check the old deposit wallets.”
He admitted to two charges, including theft of more than $1,000 and theft by a person in a special relationship. The unnamed former employee was convicted and will be sentenced on October 20.
New Zealand police are still keeping an open mind on who was behind the Cryptopia hack. The total funds stolen was 15% of customers’ crypto stock and was the biggest heist in the country’s history.