Bithumb’s notice addresses the 2017 exposure of about 30,000 users’ personal information, including names, email addresses, and phone numbers, while stating that account IDs and passwords were not leaked. The company says it reported the incident to Korean authorities, restricted access to affected accounts, created a dedicated response center, compensated affected users, and underwent government-led system review that found no other external intrusion traces. Bithumb separates that data exposure from a later cryptocurrency theft affecting 243 users, attributing the theft to long-running credential-stuffing attempts using credentials obtained or guessed from other services and additional voice-phishing of authentication messages. The excerpt provides incident-response and fraud-chain context for a cryptocurrency exchange breach, but it does not support attribution to a named threat actor.