Last week there was news about Customer data being hacked and sold on the dark web. With regards to the same, the leading cryptocurrency exchange in the world, Binance, recently gave out its statement in which it clarified that the leaked know-your-customer (KYC) data pertaining to cryptocurrency exchange users don’t belong to their user database as they use digital watermarks on each picture which they collect from the users as part of the KYC.
There were reports recently which revealed that leaked user data was being sold on the dark web by a hacker by the name “ExploitDOT.” The news was out, post three pictures of individuals were leaked in which the individuals were holding a paper piece which had the word “Binance” written on it along with the date when the picture was taken. The individuals were also holding the identity cards or drivers’ licenses of the users next to the piece of paper.
While these had the word Binance in them, the hacker advertised KYC data from leading exchanges, including Bittrex, Poloniex, and Bitfinex. While initially the cryptocurrency community largely dismissed the report as “fake news,” soon the hacker posted proof he/she does have leaked KYC images from crypto exchange users after seemingly feeling provoked.
Though the pictures had the word ‘Binance’ written on them, the hacker exposed KYC data of the users belonging to the top cryptocurrency exchange companies such as Bittrex, Poloniex, and Bitfinex. Initially, the exchanges discharged the reports by terming it as “fake news,” which probably proved the hacker which made him post the proof of having such leaked data of the users from cryptocurrency exchanges.
The to and fro game did not end here as Binance further revealed that it has evidence to prove that the leaked KYC data does not pertain to Binance user accounts. Giving out a statement the cryptocurrency exchange stressed that security is its major priority for which it has taken “various measures in place to ensure safe-keeping” of its customers’ Sensitive information.
Binance further added that it has the KYC data “stored and indexed with fine-grained permission controls and further protected by stringent security audits.” The company investigated that whether such leakage images belong to their user accounts or not and concluded that as the pictures did not carry any digital watermark on it hence, it doesn’t belong to Binance user accounts.
Binance gave its statement which said, “To elaborate, in regards to the image data we collect from our customers during the KYC process, every image that the Binance system processes for KYC purposes are embedded with a hidden Digital Watermark, only perceptible under specific conditions,” Adding that the “embed information on each personnel that has initiated image-related operations, as well as the source of the photo and relevant audit details.”
Commenting on the leaked data news on Twitter, Binance tweeted that “We want to assure our customers that Bitfinex is aware of this situation and can confirm there is no security breach to our platform. As always, if there are any queries please get in touch with our support team.”
Assuring of the user data security, Binance added that it has an advanced technology which detects the digital watermarks even if the images are modified. Further, Binance also clarified that it has implemented various safety measures to ensure that the sensitive user information is “encrypted in accordance with industry standards (AES).”
Binance concluded by stating that it will stay alert by “promptly reviewing and assessing” the rationality of any further claims regarding the leak of any sensitive information.
For the time being the source of the leaked data is still unknown.