Binance which is the world’s leading cryptocurrency exchange recently announced during a statement that the leaked cryptocurrency exchange user know-your-customer (KYC) data wasn’t from their users since it used digital watermarks on every user’s picture which it collected.
Recently, CCN revealed that a hacker who goes by the name “ExploitDOT” had been selling leaked KYC data of users from cryptocurrency exchange on the dark web. This data contained three pictures of individuals who held up a piece of paper which had the word “Binance” on it, and it had the users identity cards or drivers’ licenses next to them.
Even though these pictures had the word Binance on them, the hacker went on to advertise KYC data from leading exchanges, and this included Bittrex, Poloniex, and Bitfinex. Initially, the cryptocurrency community mostly dismissed the reports calling it as “fake news,” but soon after these denials, the hacker seemed provoked and posted proof they indeed had the leaked KYC images from the crypto exchange users.
Binance recently revealed that it had evidence which indicated that the leaked KYC pictures were not from Binance accounts. During a statement, Binance said that security has always been their top priority, and they had various measures in place which would ensure safe-keeping of their customers’ information.
They went on to say that Binance KYC data had been stored and indexed with fine-grained permission controls and had been further protected by stringent security audits and concluded the photos weren’t from Binance accounts since they found out that these leaked details didn’t have any digital watermark which Binance usually adds to their images.
The statement read thus- “To elaborate, with regards to the image data which we collect from our customers during the KYC process, each and every image that us processed by the Binance system is meant for KYC purposes, and it has been embedded with a hidden Digital Watermark. But these watermarks aren’t only perceptible under specific conditions, but they allow the images to embed information on each personnel which has initiated image-related operations, in addition to the source of the photo and its relevant audit details.”
According to the release, the watermarks could be detected even if the images had been modified. In order to protect their users, Binance said that they ensured that sensitive user information, like the KYC images, had been “encrypted according to the industry standards (AES).”
The statement concluded by saying that the company has remained and would remain diligent by “promptly reviewing and assessing” the validity of any of the allegations in regards to the sensitive information leaks. Bitfinex that is another cryptocurrency exchange, in the ad, assured the users that their platform hadn’t been breached and no data had been leaked.
The origin of the hacker leaking the images hasn’t been clear as of now. After the hacker was in the spotlight, that person changed his nickname to avoid unwanted attention.