During the start of 2018, Binance had faced a massive threat that its KYC data point was allegedly breached by a hacker under a pseudonym – exploitDOT.
Earlier today, a Telegram user by the name, “Guardian M”, started dumping the proof of the allegedly “breached” KYC data of Binance customers. A total of 851 photos of KYC data was uploaded on the Telegram group containing passports, driver’s license, and other personal documents, and a link to a website that reported this alleged KYC “hack”.
CZ downplayed the unfolding events as “FUD” and asked users to remain calm as they looked into the situation.
Don't fall into the "KYC leak" FUD. We are investigating, will update shortly.
— CZ Binance (@cz_binance) August 7, 2019
However, Binance replied to a thread on Reddit saying that the images had “inconsistencies” when comparing it to the data in “their system”. The Exchange believes that the data was not obtained from Binance. It also said that their security team is working on investigating the source of these images.
As always, the exchange has promised users that it will try to maintain “the highest degree of transparency”. Binance has previously proved that it will stick to its words especially when it comes privacy, the best example would be the recent Binance hack and CZ’s take on it during an AMA.
It is also important to note that the data being dumped could be from a number of sources, it could be data obtained by phishing, or from phones, cloud services, etc, which was pointed out by Kraken’s Jesse Powell.
Binance released a statement on the current developments. The statement read:
We would like to inform you that an unidentified individual has threatened and harassed us, demanding 300 BTC in exchange for withholding 10,000 photos that bear similarity to Binance KYC data. We are still investigating this case for legitimacy and relevancy. After refusing to cooperate and continuing with his extortion, this individual has begun distributing the data to the public and to media outlets.
Read more about Binance’s response here.