In early 2026, Bithumb — South Korea’s largest cryptocurrency exchange with approximately $1 billion in daily trading volume and over 8 million registered users — suffered a cybersecurity incident requiring a formal recovery plan. DataBreachToday reported in April 2026 that Bithumb had disclosed the incident and was developing a recovery plan for affected users. Bithumb has a lengthy history of security incidents: a 2017 hack led to theft of approximately $7 million in Ethereum and personal data of 30,000 customers via a compromised employee’s personal computer; a June 2018 hack stole approximately $31 million in XRP and other cryptocurrencies; a March 2019 hack stole approximately $13 million through an inside job (an employee was arrested). The Bithumb exchange is registered with South Korea’s Financial Intelligence Unit (FIU) and operates under the Specific Financial Transaction Information Act. South Korea’s Financial Services Commission and the Korea Internet & Security Agency (KISA) investigate cryptocurrency exchange incidents as critical financial infrastructure. The 2026 incident adds to Bithumb’s pattern of recurring security failures despite previous regulatory scrutiny and promised security upgrades. The exchange had been working to obtain full regulatory registration under South Korea’s Virtual Asset Service Provider (VASP) regulations.