Binance hacked again 10k+ KYC (FACEBOOK 2.0 LEAKAGE)

[freedomgo]

I think this is old news not recent.

The leaked happened now although the data are coming from 2018, that's a fresh news and this is a serious news especially if you get verified with Binance at that time, and it would also affect clients confidence in the future.

[Baofeng]

I think there's more to it, according to Coindesk, the hacker under the name of  “Bnatov Platon” has been in contact with Binance to help them find the hackers, unfortunately the negotiations went sour that's why the hacker put everything in public.

First, it has deep roots, extending back to an incident in May when an outside group broke into Binance user accounts and stole 7,000 bitcoin. At the time, Binance was, as always, public about its problems, describing it as part of a “large-scale security breach” in which “hackers were able to obtain a large number of user API keys, 2FA codes and potentially other info.”

Unmentioned, however, was that identifying user information may have been leaked.

It’s during this event that Platon alleges the information they have obtained about Binance customers was produced, although in a twist, he says he was not the perpetrator of the hack, but that he hacked an exchange “insider” involved in the heist.

https://www.coindesk.com/a-bitcoin-extortion-gone-wrong-inside-binances-negotiations-with-its-kyc-hacker

As this point, it's really hard to see who's telling the truth so make your own judgement.

[NGUYEN HUU TIEN]

Really?

[JNvak]

Can't they invest enough in security, I don't understand

Exactly! There are so many platforms that handle security better! It's truly upsetting to see people get their personal information leaked. Not to mention, some of them probably chose cryptocurrency because of its promise of anonymity. Such a shame.

I'll allow myself to copy most of the comments on the topic from Twitter: "We are not safu."

[Jating]

Can't they invest enough in security, I don't understand

I'm sure they have invested so much money in security or at least a good opsec 24x7. But how can you protect when in light of some news that the hacking incident was supposedly with the help of someone inside?

They offered some bounty to capture the culprit but I guess they really need some internal cleansing as well. Screening their opsec should be the order of the day for them, removed the bad eggs and replace them with people that are not 'blinded by money', so to speak.

[dr.cheema]

I can't believe but i am seeing documents on twitter and Telegram, how data can be leaked from binance exchange ... ??
I am using Binance exchange but I haven't submit kyc on exchange yet! is it safe to submit documents on binance exchange?
Please anybody can share CZ binance tweet related this issue??   

[Lisam023]

I can't believe but i am seeing documents on twitter and Telegram, how data can be leaked from binance exchange ... ??
I am using Binance exchange but I haven't submit kyc on exchange yet! is it safe to submit documents on binance exchange?
Please anybody can share CZ binance tweet related this issue??   

https://twitter.com/cz_binance/status/1159013954376437760?s=20

[Lisam023]

Can't they invest enough in security, I don't understand

Exactly! There are so many platforms that handle security better!

I'm intrigued. Can you name those platforms?

[JNvak]

Can't they invest enough in security, I don't understand

Exactly! There are so many platforms that handle security better!

I'm intrigued. Can you name those platforms?

Sure thing. I mentioned "many platforms" but to be completely honest, I only use one of them most of the times. It's CoinDeal. It recently got a Swiss VQF license, which is pretty rare for exchangers. Not to mention it is protected by SwissSign, SSL and Cloudflare.

[BrewMaster]

lol, this looks just like another exchange selling its users' KYC documents on the dark market and pocketing the money then pretending it was a hack. they have good excuses for it too since they got hacked a while ago and they are linking this to that.

how many times these centralized exchanges have to sell our personal data before we at least stop using them for altcoin versus bitcoin trades and only stick to them when fiat is involved?

[vintages]

The story might be an old one but it really speaks bad of Binance.
Any exchange does not have the right to store users IDs after KYC this is because when hacked, this is what hackers go after aside the funds.
It should be deleted immediately after the verification process. With incidents like this, users can sue them, and paying the damages fee won't be an easy on.

[Thirdspace]

Any exchange does not have the right to store users IDs after KYC this is because when hacked, this is what hackers go after aside the funds.
It should be deleted immediately after the verification process.

and what is the purpose of KYC if they will just delete it afterwards?
how are they going to confirm you is really you the next time something happens?
they need to keep data of their customers for future needs
so when something happens, they use it as basis data to re-verify you

[247bitcoinnet]

BTC is only anonymous if you have a wallet not on an exchange

The rest is just worse than fiat, all the info you have to give to exchanges is worse than a bank

KYC is bs

[takngantuk]

oh shit, exchanges like Binance can be hacked. and this isn't even the first time they have been hacked. and they say this is an old case, so it means that so far they have not informed that the KYC document has leaked.

[timerland]

Can't they invest enough in security, I don't understand

They spend heaps on exchange security, I'm guessing way more then just millions with the best security and white hat hackers, but if black-net hackers try hard enough, there's always that one screw or button left exposed and when activated, makes the structure come crumbling down.

Stay safe out there, the hacked might have actually happened but be careful not to be fooled by some fraudster that will take advantage of the situation.

For those who want to read Binance's official response https://www.binance.com/en/blog/365766157488967680/Statement-on-False-KYC-Leak

When you think of it, is this one of the reason why they pushed for Binance DEX?

I would definitely say that this helped move the DEX up on the priority list, a DEX that doesn't hold user funds would that they would no longer be viable to hacks, information leaks, or anything...

I can't believe some of the telegram channels with the picture up... Not sure if it is truely FUD now, a lot of the photos look real and it'll either cost a hacker a lot of money to fake something like or it'll be real.

[peter0425]

Traders worst nightmare. Just imagine seeing your face all over Telegram and Twitter holding your passport for verification purposes. Binance blunder big time here and for sure their reputation has somewhat damage with the latest controversy they got themselves.

[Oilacris]

how many times these centralized exchanges have to sell our personal data before we at least stop using them for altcoin versus bitcoin trades and only stick to them when fiat is involved?

Users would completely stop if these Cex will be gone and as long these exchangers exist people would continue to trust them yet this is the only passage for their coins to be transacted with fiat.We know that people aren't that blind when it comes to exploits or leaks but it turns out that they do make it as a casual stuff to burden.

[Potato Chips]

On initial review of the images made public, they all appear to be dated from February of 2018, at which time Binance had contracted a third-party vendor for KYC verification in order to handle the high volume of requests at that time. Currently, we are investigating with the third-party vendor for more information. We are continuing to investigate and will keep you informed.

We believe this is the same data set that was covered in previous news articles, such as: https://decrypt.co/4648/binance-kraken-exchange-data-haul.

Hmm... I don't think binance mentioned this third party during the 1st alleged KYC leak issue and they seemed to have only started investigating about them after this current issue broke out 

[Artemis3]

And that's the other ugly side of KYC, losing privacy and possible identity theft. This is the problem of the police state that governments always end pursuing "in the name of national security, etc". Ideally people would never exchange, and pay and be paid in bitcoin. Transition period is quite annoying.

[jaocoincrypto18]

This is only a rumor that something like FUD to make Binance in bad shape. In fact Binance market is currently surging which means that the Binance crypto users did not believe about this news. Here is the link https://www.ccn.com/news/binance-coin-bnb-surges-11%25-fud-hack-rumors/2019/08/08/amp/