Binance has been hit with its second security breach this year as a hacker has begun releasing customers’ personal information related to the exchange’s know-your-customer (KYC) processes. The hacker began releasing the information after Binance refused his extortion demand of 300 Bitcoins. Although Binance is downplaying the significance of this incident, it is cooperating with authorities and has offered a 25 Bitcoin reward for information leading to the hacker’s identity.
Personal data alleging to belong to Binance customers began showing up on a Telegram channel on August 7th. This data included photos of individuals holding identification documents and hand-written pieces of paper. Exchanges often require such pictures for account verification. Binance has claimed that the pictures were likely stolen from a third party processor, but has not denied they were of its account holders. The exchange also stated that these pictures had been available for several months on the dark web.
Coindesk claims that it has been in contact with the hacker, who uses the pseudonym “Bnatov Platon,” and claims to hold as many as 60,000 pieces of personal information on Binance users. According to Coindesk, Platon also claims that he has information on the hackers behind the 7,000 Bitcoin theft the exchange suffered earlier this year, and that he initially offered this information to Binance administrators, but that negotiations broke down. He also asserts that the Bitcoin theft was an inside job.
For its part, Binance has stated that this situation is nothing more than an extortion scheme, and that the customer information has been released purely because it has refused to pay up. Binance has stated:
“We would like to inform you that an unidentified individual has threatened and harassed us, demanding 300 BTC in exchange for withholding 10,000 photos that bear similarity to Binance KYC data. We are still investigating this case for legitimacy and relevancy.”
Binance has also stated that the hacker claims to have KYC information from other exchanges. The person, or persons, behind this hack as well as their true motives may never be known. Nevertheless, even if they are caught there is no doubt that Binance has once again suffered a serious blow to its reputation as a secure and trustworthy exchange. Notably, this failure does more than shake public confidence. Binance is presently striving to work with governments to become a legitimate, regulated, financial institution. This incident may give regulators pause before granting such licensure.
More information on this hack will likely emerge in the coming days and weeks. Also, it is possible that more user data may be released. CryptoNews will give updates as more news becomes available.
Featured Image via BigStock.