Binance KYC leak hack or not?

[Smokey23]

How do you think Binance suppose to play with the hacker? Is it right that Binance will just pay the hacker? I think that would not solve the problem, though this is just a piece of information and no money involve, Binance reputation are well affected here, those who sees there names displayed will surely not gonna use the service again.

True, it is a tricky issue and there is no prescribed way to deal with this type of situation. Every situation is unique and demands different.

This reminds me of the data leak from the largest telco in India some years ago - https://www.livemint.com/Industry/ucK2SJDM4Ws8k36ovZVj6H/Reliance-Jio-customer-data-allegedly-compromised-report.html

They didn't play ball, so the hacker just sold it on the dark web.  A small bump in the road for Jio who's reputation for being unscrupulous faaar exceeds any comparatively miniscule reputational damage done by this leak. Today, they have put most other telco's in India out of business.

[Zicadis]

Binance is getting too big for its own good. Now with their margin and lending products they are making themselves even big of a target and on top of that they are not even catering to their most well paying customers. Us Americans. So if you ask me if the KYC leak was a hack or not? I don't know. But I sure as hell would not like to be one of the victims resulting from such a leak.

[darklus123]

Binance tries to settle it in a smoothly cunning way. Although they are already offering VIP membership to the thousands of victims, which to me is already a subtle way of accepting the responsibility over what happened, they are still short of explicitly admitting that there was indeed a successful KYC hack on their system. CZ has initially labelled it as "FUD" and then they are now releasing a statement that no single leaked image bears the concealed digital watermark which Binance's KYC images have.

I think the hackers are not white hackers. They are not there to help Binance boost their security system. Neither are they simply trying to test the protection that Binance has. They are obviously black hat hackers, extorting money from their victims, in the case of Binance 300 BTC. 

But seriously a lifetime VIP? is it really a good compensation over security? They really are not and it seems that the frontline is only involving one person which is consistently posting new Leaked data that he have.

It seems that they are not planning to settle it out until Binance will give them what they want (I am however very skeptical about it)

[Smokey23]

Why the hell would anyone want to be VIP member of the site that can't handle it's regular members securely?!?!

[BaseFEX]

We are an exchange ourselves, and we think exchanges shall never collect KYC info from customers because, hey guys, let's face the uncomfortable reality:

We, as small-to-medium size businesses ( let's admit it guys, even the largest exchanges shall be considered mid-size business by real world standard), are not as sound as government agencies in terms of cyber security and the short history of crypto we have lived through has already proven this point hundreds of times. And, if a hack does occur, we don't have the kind of resources nor the legal authority to track down and arrest hackers and retrieve the lost KYC info.

Collecting KYC info jeopardizes our customers' privacy, and also infringes the original spirits of cryptocurrency. That's why we as a team decide we will never make KYC requirements. Period.

Sadly, some government agencies are making these inconsiderate requests that equally jeopardize their citizens' privacy.