Binance Denies Claims Of User Data Leakage On Its Platform

Binance crypto exchange denied claims stating its user data was leaked. (Photo; Doc. CoinBulteni)

JAKARTA - Binance, one of the largest crypto exchanges in the world, denies any data and code breaches on its platform, following allegations from a hacker claiming to have access to Binance law enforcement accounts and user data.

In a blog published on February 4, 2024, Binance said that their user accounts and funds remained secure and were not affected by the hacker's claims. Binance also confirmed that they have strict security procedures and conduct periodic audits to prevent information leakage.

"We found no evidence of data or code violations in Binance. We also found no evidence of the theft of crypto assets from our wallets," Binance wrote.

Binance claimed to have been aware of any law enforcement accounts suspected of being compromised by hackers, which use the name "KodexGlobal". The accounts are used to send requests for emergency data (EDR) to various platforms, including Binance, Coinbase, and Chainlink.

The hacker offered access to the account on the online forum "BreachForums", for $5.000 (Rp.78.6 million) or US$300 (Rp4.7 million) per EDR. The hacker also claims to be able to make EDR for other services, such as LinkedIn, Discord, Tinder, and SendGrid.

According to Binance, the KodexGlobal account is not an official account used by law enforcement authorities, but a personal account created by someone claiming to be a law enforcement officer. Binance said that they always verify the identity and authority of each party that submits a request for data.

"We never provide our user data without a legal process that is valid and in accordance with our standards. We also never provide our user data to third parties who are not authorized," Binance said.

Binance also denied any link between the hacker's claim and the leaked data on the Know Your Customer (KYC) of Binance users, which was reported by a user with the name "otter BROo". The user said that the KYC data of Binance users was sold on the web black market, which allegedly came from the leak of GitHub.

Binance said that the KYC data displayed by Otter BROoo was an old data that had been leaked in 2019, and had nothing to do with the latest hacker claims. Binance also said that they had taken steps to protect users affected by the data leak.

"We urge our users to always be vigilant and careful of phishing, scamming, or other cyberattacks. We also advise our users to activate additional security features, such as two-factor authentication (2FA) and white wallet addresses," Binance messages.