Exchanges

Binance KYC Photos Data Breach “False” But Exchange Investigates, Hacker Demands 300 BTC

A malicious hacker claims to have released Binance exchange customer data and that there’s more to come unless millions of dollars in bitcoin (BTC) is handed over.

Binance has issued a statement denying that it has suffered a data breach.

Know Your Customer (KYC) data from crypto exchange is purported to have appeared on the dark web in the past. The extortionist is demanding Binance pays 300 BTC or 10,000 photos will be released.

Binance says the individual has “begun distributing the data to the public”.

Binance denies security leak

So far the exchange is denying the data has come from inside its business. Binance’s blog post communication, confusing dated 6 August at the top of the post and 7 August in the footer, is titled: Statement on False “KYC Leak”.

The exchange says that it is the “same data set” already partly in circulation and previously reported by crypto news outlets such as CCN and Decrypt.

Data released in the previous dump was said to be Kraken and Binance KYC verification photos

Both exchanges denied that data was theirs. In the case of Binance it says all images that have been through its KYC are watermarked. It said that none of the sample images from the previous data dump had the watermark.

In today’s statement Binance says there are “inconsistencies” between its data and that seen in samples from the latest dump, with no Binance digital watermark evident in the photos.

“At the present time, no evidence has been supplied that indicates any KYC images have been obtained from Binance, as these images do not contain the digital watermark imprinted by our system,” reads the announcement.

Binance has put up a reward of 25 BTC for information leading to the individual’s identification.

Binance says from its initial view of the images, they are from February 2018. a time when it was employing a third party to cope with new customer onboarding load.

The hacker, according to Binance, has refused to “supply irrefutable evidence of their findings” and claims to have data from other exchanges.

Changpeng Zhao, Binance chief executive tweeted:

The exchange tweeted a link to its blog post on the “false” KYC leak at 8:52 UK time:

He has urged people not to share the link to the Telegram group:

Gary McFarlane
About author

Gary is a cryptocurrency analyst at interactive investor, the UK’s second-largest stockbroker. He has been writing professionally about cryptocurrency since 2013, when he initiated bitcoin coverage at Money Observer, one of the UK’s most respected investment magazines. Gary writes for EWN in a personal capacity and his contributions should not be taken as investment advice.
Sign up for our Newsletter 

1 Comment

Leave a Reply