Key TakeawaysSouth Korea’s privacy authority levies 210 million won penalty against Bithumb.Exchange shared user information with unauthorized international platforms.Corrective measures mandated for handling international personal information flows.Data shared with 13 global exchanges violated consent requirements.Expanded regulatory framework increases compliance burden for crypto platforms.South Korea’s privacy enforcement body has imposed a 210 million won financial penalty on cryptocurrency exchange Bithumb for unauthorized international transfers of customer information. The sanction, approximately $136,000, accompanies mandatory corrective actions addressing the platform’s cross-border data handling procedures. This enforcement action represents an expansion of regulatory oversight beyond traditional financial compliance measures.Unauthorized Platform Received Order-Book InformationThe Personal Information Protection Commission approved the enforcement action at its comprehensive review session held June 24. Investigators examined the exchange’s order-book distribution practices and digital asset transfers involving international entities. Authorities determined that the platform failed to comply with national privacy protection standards.Between September and November 2025, Bithumb distributed its Tether trading order book to foreign cryptocurrency platforms. While customers had authorized information sharing with Stellar exchange, the actual receiving system was operated by a different entity. Regulators identified BingX as the true recipient, creating a mismatch between approved and actual data destinations.The shared information contained user identification numbers and transaction specifics tied to individual trading behavior. Consequently, authorities classified this arrangement as international personal data transmission. Bithumb had not obtained appropriate authorization covering the platform that ultimately accessed customer information.International Exchange Transactions Compounded Compliance FailuresInvestigators also scrutinized digital asset transactions between Bithumb and 13 international trading platforms. These transactions contained sender and receiver identities, digital wallet identifiers, and certain birth date information. The exchange transmitted this data while performing financial crime prevention verification procedures.Authorities acknowledged that trading platforms may require personal details for regulatory compliance verification. Nevertheless, organizations must implement proper authorization and disclosure protocols before transmitting information internationally. Bithumb neglected to establish these required procedures for multiple cross-border data sharing agreements.The enforcement order mandates comprehensive revision of the platform’s international data transmission framework. The exchange must authenticate recipients and secure explicit authorization before executing future transfers. Bithumb must additionally provide transparent disclosure of overseas data sharing within its privacy documentation.Expanded Oversight Framework Targets Cryptocurrency SectorThis enforcement follows previous regulatory sanctions against Bithumb concerning financial crime prevention shortcomings. Authorities earlier assessed a 36.8 billion won penalty for customer verification and transaction monitoring deficiencies. Those violations included transactions involving unregistered international virtual asset platforms.South Korea has expanded monitoring of international cryptocurrency operations through enhanced reporting protocols and tax information exchange initiatives. Forthcoming regulations may increase suspicious activity reporting requirements for foreign transactions. Officials are preparing to exchange cryptocurrency transaction information under international tax transparency agreements.Accompanying the penalty, the commission published comprehensive privacy guidance for blockchain technology providers. The framework addresses public ledger considerations, participant information distribution, surveillance concerns, and data removal protocols. Officials specifically discourage direct recording of personal names and government identification numbers on blockchain systems.The regulatory body requires blockchain enterprises to integrate privacy safeguards throughout design and implementation phases. Authorities signal stringent enforcement intentions when organizations violate personal information protection mandates. The Bithumb enforcement positions user authorization requirements alongside financial crime prevention and tax compliance within South Korea’s comprehensive cryptocurrency regulatory framework. The post Bithumb Hit with $136K Fine Over Unauthorized Cross-Border Data Transfers appeared first on Blockonomi.