The South Korean regulator has fined Bithumb for the leak of personal data of more than 38,000 users, caused by vulnerabilities in the exchange's security system.

The Commission for Communications of South Korea (KCC) has decided to issue a penalty for the country's largest crypto-exchange Bithumb "for allegedly leaking the private data of its users," the Yonhap news agency reported. The regulator decided to impose a fine of 60 million won ($55,000) on BTC Korea.com, the operator of the Bithumb crypto-exchange. The commission also obliged the company to take steps to strengthen the security of the customers' data storage system. Also, the regulator recommended that the exchange operator punish employees who are guilty of security vulnerabilities.

The penalty is calculated according to the turnover of the trading platform in the period from 2014 to 2016. The regulator is also considering to take steps to increase fines for personal data leakages.

According to the commission, Bithumb was twice attacked by hackers in 2017. The cybercriminals achieved access to the personal data of 31506 users in April and 3434 users in July.

As the regulator suspects, the exchange operator did not encrypt files with users' personal information and did not update the software with the proper software.

Earlier, a customer of another large exchange Bittrex found out that the email he received from Bittrex contained scans of identification documents of other users. Despite the wave of indignation from the exchange's users, Bittrex did not comment on the situation.