Posted 2 years ago | by Ben Armstrong

Binance KYC Hack: Did it Happen or Not?

While this story is still breaking, at the moment the picture is coming a little more into focus. Early this morning, a Telegram group opened that was sharing photos of people holding passports that were supposedly from Binance users. Rumors of stolen usernames started to circulate around the crypto community as the Telegram group surged to over 10,000 members in only a few hours.

Earlier today, the founder of Binance Chengpeng Zhao aka CZ, made several tweets regarding the rumors calling them FUD.

This is a tactic used by Binance & CZ called de-escalation. Whenever there is bad news for Binance, he de-escalates the anxiety of the community by minimizing what happened. The next step is to spin the event into something positive for Binance.

Regardless of when a hack took place, there is no way, shape, or form that a KYC hack is good news. And if the hack really never occurred then it's pretty sad it only takes one person opening a telegram group with random passport photos to send the entire user base into panic. People may be less likely to believe the rumors if Binance had not been hacked twice over the last 13 months. But you have to give credit to CZ. He's the Olivia Pope of the the crypto world. Always working on spinning the story into something positive.

More Questions than Facts

An individual is trying to exploit Binance. Binance was contacted by an individual seeking 300 BTC in return for 10,000 KYC photos. The Binance initial response explains:

We would like to inform you that an unidentified individual has threatened and harassed us, demanding 300 BTC in exchange for withholding 10,000 photos that bear similarity to Binance KYC data. We are still investigating this case for legitimacy and relevancy. After refusing to cooperate and continuing with this extortion, this individual has begun distributing the data to the public and to media outlets.

However, the official Binance statement states some seemingly conflicting information. On one hand it says that the photos it has seen from the individual do not have the Binance digital watermark its system puts on the photos when they are submitted so they must not be authentic.

On the other hand, it says the photos seem to indicate they were from February of 2018. That month, Binance contracted a third party vendor to help with KYC. This vendor has been contacted in the investigation. How would Binance know that these photos were from February of 2018 if these are not from Binance?

The statement also includes reference to an article from earlier this year where Binance refuted rumors that its KYC data was stolen using the lack of digital watermark as the determining factor. However, is it possible that this third party vendor was able to obtain the pictures before they were stamped with the watermark? If a user uploads a photo without a watermark on it then isn't it a possibility that the original photo was stored somewhere on the system as is?

There are still questions that need to be answered. However, the fact that these photos were from the exact time when Binance was using a third party vendor to help with KYC is probably more than just a coincidence.

To see more on this story watch BitBoy Crypto's Latest Video:

[youtube v="r4p1F6SvvnY"]