The target: Bitpoint - A Tokyo based cryptocurrency exchange.
The take: 28 million USD total. 24 million were customer assets and 4 million were company assets. All of Bitpoint’s services are now suspended for customers.
The attack vector: Unauthorized access to its hot (stored/accessible online) wallet system through the mismanagement and compromise of user’s private keys. No breach of cold (offline storage) wallets were detected.