The private and personal details of hundreds of people have been exposed by an alleged hack against Binance’s know your customer (KYC) system.
In a move that Binance says may have come from an “unidentified individual” who has “threatened and harassed” the team, more than 800 photographs, purporting to show the ID documents, names and faces of Binace customers were revealed in a public Telegram group.
The move led to Binance issuing a statement about a ‘False “KYC Leak”’, in which they said someone had demanded 300 BTC from the exchange to withhold more than 10,000 photos.
In an effort to clear up the potential breach the posts reads:
“There are inconsistencies when comparing this data to the data in our system.
“At the present time, no evidence has been supplied that indicates any KYC images have been obtained from Binance, as these images do not contain the digital watermark imprinted by our system.
“With that said, our security team is hard at work pursuing all possible leads in an attempt to identify the source of these images.”
The story surfaced overnight, when it emerged a Telegram group had been set up that contained the supposed customer information.
The Telegram group grew quickly to around 9,000 members.
Accessing the group, users could easily find photographs from possible Binance customers that show information such as their date of birth, address, full names and signatures.
Many of the pictures are of people posing alongside their identity documents, a requirement of Binance’s know your customer (KYC) process.
The pictures are from people from around the world, with pictures showing a wide range of passports and driving licences. Including the United Kingdom, Japan, Vietnam, Romania, Uzbekistan and others.
The news spread like wildfire across the crypto media space, prompting Changpeng Zhao, CEO and founder of Binance to respond on Twitter.
In a tweet to his 400,000 followers he said:
Don’t fall into the “KYC leak” FUD. We are investigating, will update shortly.
The news comes just months after the cryptocurrency exchange was hit by hackers who stole 7,000 bitcoin from the company, valued at about $82 million.
While users’ funds were protected by Binance’s Secure Asset Fund for Users (SAFU), the hack severely dented global confidence in the exchange.