Binance clients’ data may have been leaked!
On July 3, the CEO of Binance confirmed that in the darknet, their services had discovered more than 1 billion personal data of residents of China, among which, with a high probability, could be the exchange users.
The leaked data includes names, addresses, national identifiers, cell phone numbers, and police and medical records. The attackers are offering access to the database for 10 bitcoins, which is relatively inexpensive for such many subjects to disclose.
The total data volume exceeds 23 terabytes, and it is the most significant cybersecurity breach in Chinese history. The potential damage has even led to talk of a possible hackers’ bluff. However, as we already know from Mr. Zhao, this is unfortunately true.
Many observers call the reaction of users nothing short of shocking. Even worse, the main cause for the exploit seems to have been an unfortunate mistake by a government developer, who, for some incredibly stupid reason, included credentials from the Shanghai police database in his technical article on the CSDN profile forum.
Despite the seriousness of the leak, the standard security measures recommended for centralized exchanges should be sufficient. Use two-factor authentication and anti-phishing codes, manage a list of “white addresses” and periodically change access passwords.
As for Binance clients, it is reported that the administration will take additional control of accounts at risk due to the precedent. However, these measures may also become a source of discomfort because of increased processing time.