On February 28, 2023, hackers breached Wemix's Play Bridge Vault, withdrawing 8.6 million WEMIX tokens. An official statement was not released until four days later, prompting public criticism. CEO Kim Seok-hwan explained the strategic necessity behind the delay.
Timeline of Events
On the day of the incident, hackers used a stolen authentication key from the NFT platform Nile to manipulate the system for two months. Of the 15 transaction attempts, 13 were successful, with stolen tokens later sold on exchanges outside South Korea.
Incident Investigation
Upon detecting the breach, Wemix promptly shut down its servers and initiated an internal investigation. A formal complaint was also filed with the Cyber Investigation Team of the Seoul National Police Agency.
Response and Follow-Up Actions
Kim Seok-hwan took full responsibility for the delayed disclosure and apologized to investors for any concerns. He emphasized that premature disclosure could have subjected the company to further security risks and panic in the market. It was also noted that Wemix plans to strengthen its security measures.
Wemix's decision to delay the public announcement of the hack was driven by the need to avoid further threats and market panic. The CEO expressed a commitment to enhancing security measures to prevent similar incidents in the future.
