Close Menu
    Home / About / Advertise / Contact
    News

    Bithumb Hit With $136K Fine Over Unauthorized Cross-Border User Data Transfers

    Oliver DaleBy No Comments3 Mins Read

    Key Highlights

    • Bithumb penalized 210 million won for unauthorized international data transfers.

    • Privacy commission determined Bithumb transferred information to unapproved platforms.

    • Corrective measures mandated for international personal information handling.

    • Data sharing with 13 international exchanges violated consent requirements.

    • Enhanced blockchain privacy regulations increase compliance demands for Korean platforms.

    South Korea’s privacy oversight body has imposed a 210 million won financial penalty on Bithumb following unauthorized international user data transfers. The sanction, valued at approximately $136,000, comes with mandatory corrective actions governing future cross-border information sharing. This enforcement action represents an expansion of regulatory scrutiny beyond traditional money laundering prevention measures.

    Order Book Sharing Violated User Authorization Requirements

    The Personal Information Protection Commission approved the enforcement action during its June 24 plenary session. Investigators examined order book distribution practices and digital asset transfers involving international platforms. Findings revealed that Bithumb violated multiple provisions within South Korean personal information protection statutes.

    Between September and November 2025, the exchange distributed its Tether market order book data to foreign entities. While users had granted authorization for information sharing with Stellar exchange, investigators discovered a different platform actually operated the recipient infrastructure. The commission identified BingX as the actual recipient, creating a discrepancy between authorized and actual data recipients.

    The distributed information contained member identification numbers and transaction details connected to active trading operations. Consequently, regulators classified this arrangement as an international personal information transfer. Bithumb had not obtained proper authorization covering the platform that ultimately received user information.

    International Exchange Data Sharing Created Additional Infractions

    Investigators additionally reviewed digital asset transfers between Bithumb and 13 foreign trading platforms. These transactions included sender and recipient identities, wallet identifiers, and certain birth date information. The exchange transmitted this data while performing anti-money laundering verification procedures.

    The commission acknowledged that trading platforms may require personal information for regulatory compliance purposes. Nevertheless, organizations must still implement proper authorization and notification protocols before transmitting information internationally. Bithumb neglected to fulfill these requirements across multiple overseas transfer operations.

    The corrective directive mandates the exchange restructure its international data handling protocols. It must authenticate recipients and secure explicit authorization before executing future transfers. Bithumb must also provide transparent disclosure regarding overseas transfers within its privacy documentation.

    Data Protection Enforcement Complements Broader Cryptocurrency Regulation

    This decision follows previous enforcement actions targeting Bithumb over money laundering prevention deficiencies. Korean regulatory bodies previously levied a 36.8 billion won sanction for customer verification and transaction monitoring failures. Those violations included transfers involving unregistered international virtual asset service operators.

    South Korea has simultaneously expanded oversight of international cryptocurrency operations through enhanced reporting and tax collaboration initiatives. Proposed regulations may increase suspicious activity reporting requirements related to foreign transfers. Officials are also preparing to exchange cryptocurrency transaction information through OECD reporting mechanisms.

    Accompanying the penalty, the commission published privacy implementation guidelines for blockchain service operators. The framework covers public ledger records, participant information distribution, tracking vulnerabilities, and data deletion procedures. It specifically advises against recording personal names and national identification codes directly within blockchain systems.

    The oversight body expects blockchain companies to integrate privacy safeguards throughout product conception and technical development phases. It has also signaled rigorous enforcement against organizations violating personal information protection standards. The Bithumb enforcement action positions user authorization alongside AML compliance and tax reporting within South Korea’s comprehensive cryptocurrency regulatory framework.

     

    ✨ Limited Time Offer

    Get 3 Free Stock Ebooks

    Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.

    • Top 10 AI Stocks - Leading AI companies
    • Top 10 Crypto Stocks - Blockchain leaders
    • Top 10 Tech Stocks - Tech giants
    📥 Get Your Free Ebooks
    Free Stock Ebooks
    Share.

    Oliver Dale is Editor-in-Chief of MoneyCheck and founder of Kooc Media Ltd, A UK-Based Online Publishing company. A Technology Entrepreneur with over 15 years of professional experience in Investing and UK Business.His writing has been quoted by Nasdaq, Dow Jones, Investopedia, The New Yorker, Forbes, Techcrunch & More.He built Money Check to bring the highest level of education about personal finance to the general public with clear and unbiased reporting.oliver@moneycheck.com

    KO Stocks

    Related Posts

    Add A Comment

    Comments are closed.

    No KYC. 70% Rakeback & 10% Cashback, Exclusive Thrill Originals!