The article was updated on 13 November, 2019 by Amicus.
07 August, 2019 | AtoZ Markets - The story began as a Telegram group, which has over 8300 members, spread images of Binance's customers’ IDs, as claimed at the time, the thing that pushed the clientele to panic.
Binance KYC data breach
Soon as the news reached Binance’s end, the CEO of the cryptocurrency exchange mentioned rushed to whisper on his Twitter account about the incident, saying:
“Don't fall into the "KYC leak" FUD. We are investigating, will update shortly.”
In the meanwhile, a fierce storm of rage broke on Twitter among the cryptocurrency community. That denounced the incident and further doubted the news was fake.
An eye-catching tweet was that replied to cz_binance’s tweet, saying, “This is why it's very stupid to share your passport and picture to an exchange somewhere abroad. Didn't we all embraced crypto. So that we didn't have to share all out sensitive data to third parties?”
Anger broke out among customers and other crypto enthusiasts and traders.
Denouncing how cryptocurrencies, which are intended to help save anonymity, lead to such exposure
Doubts that what the exchange came up with at the time was real
Not so long after that, once again, Binance's CEO tweeted saying:
"I would like to add, by joining or spreading the link of the telegram group, you are helping malicious hackers (at least giving attention). What we should do as an industry is to fight them. Stay on the positive side. Report the group, then leave. ???
Changpeng Zhao tweets saying: “I would like to add, by joining or spreading the link of the telegram group, you are helping malicious hackers (at least giving attention). What we should do as an industry is to fight them. Stay on the positive side. Report the group, then leave.”
The tweet above once again stirred extensive rage among the crypto Twitteratis, where some claimed the exchange to delete all sensitive data pertinent to its customers, once the management is done with the KYC verification process.
However, Binance finally came up with a conclusion on the incident a couple of hours ago, addressing Binance’s clients. “Dear Binancians, We would like to inform you that an unidentified individual has threatened and harassed us. The individual was demanding 300 BTC in exchange for withholding 10,000 photos. That bears similarity to Binance KYC data. We are still investigating this case for legitimacy and relevancy. They refuse to cooperate and continuing with this extortion. After this individual has begun distributing the data to the public and to media outlets.”
Per Binance’s security team, “there are inconsistencies when comparing this data to the data in our system. At the present time, no evidence has been supplied that indicates any KYC images have been obtained from Binance. These images do not contain the digital watermark imprinted by our system. With that said, our security team is hard at work pursuing all possible leads in an attempt to identify the source of these images.” Stressing that their initial investigations could spot. There were inconsistencies in the leaked photos and images of the data stored on the exchange’s servers.
“On initial review of the images made public. They all appear to be from February of 2018. At which time Binance had contracted a third-party vendor for KYC verification in order to handle the high volume of requests at that time. Currently, we are investigating with the third-party vendor for more information. We are continuing to investigate and will keep you informed.” Said the update statement.
Binance's security team's statement concluded that the investigations were still going on at press time. And that the exchange will publish updates accordingly as their findings develop.
Think we missed something? Let us know in the comments section below.