Former employees of the now-defunct Cryptopia digital currency exchange have acknowledged stealing NZD 245,000 (about USD 172,000) from outdated addresses. The employee thought he could get away with it, but his deception was discovered when a former customer made an unrelated error. This heist, however, had nothing to do with the $17 million attacks that forced the exchange to close.
Before the crypto exchange was hacked, the employee, whose name was concealed by the court, worked for Cryptopia. The employee copied some of the secret keys to his computer, according to a report by Stuff.co.nz in New Zealand. Hence, he held the private keys, thus controlling the digital currencies in the wallet when the exchange was liquidated and the workforce was let go.
With over 80 employees, Cryptopia was one of New Zealand’s largest exchanges. It had also carved out a niche in the global digital currency market, with over 1.4 million customers globally. However, it was hacked in January 2019 and went out of business in May. It had roughly NZD 170 million in customer funds ($120 million) at the time.
Even though he no longer works at the exchange, the employee had access to approximately $70 million in consumers’ digital currency. According to court filings, he initially stole $165,000 and then added $7,000.
It all came to a head when a former Cryptopia customer contacted Grant Thornton, the firm in charge of the exchange’s liquidation, claiming that he had unintentionally transferred some BTC into one of the old exchange wallets. The liquidators discovered other inconsistencies while evaluating this transaction. 13 BTC had been withdrawn, with part of it going through a mixing service to hide the source and destination.
According to the report, the employee admitted to refunding the majority of the money and promising to return the rest if the liquidators could guarantee that no legal action would be taken against him.
He later confessed to his crime after surrendering to the authorities. The facts were summarized as follows at the time:
“The defendant admitted that he was frustrated with Cryptopia but also motivated by the belief that he could get away with the theft as he thought nobody would ever check the old deposit wallets.”
The ex-employee acknowledged two offenses through his lawyer: theft by a person in a special connection and theft exceeding NZD 1,000. At the Christchurch district court, he was found guilty and put on bail until his sentencing on October 20.