Binance KYC leak - fact or fiction?
Exchange hacks are a dime a dozen, but the most recent Binance incident feels like a brand new kind of weird, even for crypto.
A few days ago, thousands of photos of people posing with personal documents - allegedly stolen from the Binance KYC database - started circulating on Twitter and Telegram. The culprit - an anonymous hacker who goes by ‘Bnatov Platon’ - has since been busy creating new Telegram groups to disseminate the photos, and sharing them on his Twitter account.
So far, the setup sounds like another run-of-the-mill data breach, and would mark the 2nd high-profile Binance hack/leak in the last 4 months, after an incident in May when an outside group broke into Binance user accounts and stole 7,000 bitcoin.
However, this is where things get a bit...wonky.
First, not only has Binance declined to confirm the hack, it has so far actually dubbed it ‘false’, with CZ even prompting the community not to buy into the ‘FUD’.
In their announcement, Binance says the circulating photos ‘bear similarity to Binance KYC data’ but did not confirm their legitimacy. The reason for their scepticism seems to stem from the fact that the photos do not contain the digital watermark typically imprinted by the exchange’s system.
However, the reason for the watermark omission might be found further in the announcement:
“On initial review of the images made public, they all appear to be dated from February of 2018, at which time Binance had contracted a third-party vendor for KYC verification in order to handle the high volume of requests at that time”
For now, it remains unconfirmed whether this ‘third-party vendor’ implemented the same digital watermark procedures as Binance during their KYC process.
Given Binance’s claim that the KYC photos are ‘false’, some are also finding it odd that the exchange has set up a reward fund of “up to 25 BTC” for anyone who can help identify the hacker in response to the incident.
That’s also not the only disputed tidbit of information. In their announcement, Binance claims the hacker has demanded 300 BTC “in exchange for withholding 10,000 photos”.
However, according to CoinDesk - which has apparently been in communication with Bnatov Platon for weeks - the actual number of leaked images is closer to 60,000. Platon also disputed the 10k number on his Twitter account.
What’s additionally interesting is that Platon claims he didn’t actually hack Binance himself, but rather obtained the images by hacking the May 2019 hackers, who stole more than 7,000 BTC from Binance wallets.
If proven true, this could be particularly damaging for Binance, which at the time did not mention any KYC data being stolen during the May 2019 hack, but rather only said that malicious actors obtained customers’ API keys, two-factor codes, and “potentially other information.”
All of this has led some in the community to dispute CZ’s claim that the alleged KYC leak is just an elaborate attempt at ‘FUD’.
At the same time, a number of Binance users on Reddit are trying to find out if they too have been affected by the KYC hack.
True or not, the incident has also made some in the community advise against dealing with any exchange platform or trading service that requires KYC.
The one entity that has remained wholly indifferent about the whole KYC saga? BNB. In fact, Binance’s native coin has experienced a decidedly upward trend over the past 2 days, and has, for the moment, consolidated around the $30 range.