On August 7, a Telegram user under the name “Guardian M” claimed to have proof of the allegedly breached know-you-customer (KYC) data of users of the crypto exchange Binance and uploaded 851 photos of KYC data on a Telegram channel.
The pictures contain passports, IDs, licenses, and other personal documents along with a link to the website on which the hack was reported. After the incident, thousands of people joined the channel in just one day.
Binance CEO Changpeng Zhao (CZ) took the incident as “FUD” and asked the users to remain calm. In a tweet, he said that people should not fall for the “KYC leak” FUD and they will update soon after investigating the matter.
Later on, according to a statement by Binance, the images are full of inconsistencies, do not match with the KYC data, and do not even contain the digital watermark imprinted by their system. Binance crypto exchange has also promised transparency to its users just like it has always tried to maintain the trust of its users especially when it comes to their privacy.
Jesse Powell from another large crypto exchange, Kraken, pointed out that the data being dumped could have been obtained from a number of other sources as well such as smartphones, cloud, or phishing etc.
In the statement released by Binance, an unidentified individual has threatened them by claiming to hold 10,000 pictures similar to Binance’s KYC data and demanding 300 Bitcoin (BTC)trade in exchange for those pictures. When they refused to cooperate with him, he began to share the data with the public and media.
The photos are dated to be from Feb. 2018, and at that time a “third-party vendor” was already working for Binance. The cryptocurrency exchange is now investigating that third-party vendor which they had contracted for KYC verification.
Crypto Hackers Plague the Industry
This is not the first time that something like this has happened in the crypto market, nor even to Binance. Last year, Binance faced a massive threat as a hacker under the name exploitDOT started selling 100,000 personal documents that were used to pass know-you-customer (KYC) on Binance and some other cryptocurrency exchanges. And in May this year, hackers managed to steal nearly $41 million in Bitcoin from Binance.
Binance has been taking several steps recently to ensure the quality of their services and for this purpose, it has partnered with many compliance service providers, such as IdentityMind, Chainalysis, Elliptic, Refinitiv, and Thomson Reuters.
Binance is also rewarding up to 25 Bitcoin (BTC)trade to those who will help in identifying the person/people behind this act, so that they could take legal action against them.
