Binance has offered a $300,000 reward for information leading to the capture of an individual who posted 10,000 photos of users and their identity documents that may have come from the leading cryptocurrency exchange’s customer data.
In a statement on August 7, Binance said the images were posted by an individual who first contacted it claiming to have data that could identify the hackers who stole 7,070 bitcoin (BTC) from the exchange on May 7.
Saying he had hacked the hackers, the individual eventually threatened to make the images of Binance’s “know your customer” (KYC) data public, Binance’s statement said. He had been demanding 300 bitcoin, currently worth $3.5 million. The extortionist used the name “Bnatov Platon,’” which Google Translate identifies as Romanian.
Platon made good on that threat on August 7, posting pictures to the Telegram group @kycisimportant. While that group is no longer active, Platon tweeted a new link around 2 a.m. ET on August 8. That set contains hundreds of selfie photos of Binance customers’ driver’s licenses, identity cards, and passports, many with owners’ faces included.
Binance said in its subsequent statement that while the photos released so far “bear similarity to Binance KYC data,” they are missing a digital watermark. As a result, the exchange believes they may have come from a third-party vendor. The hack is under investigation by both companies.
The story gets more complex according to CoinDesk, which said Platon told them he was a white hat hacker, seeking a bounty for information on the May 7 hackers. Platon shared what he said were chat messages with Binance Chief Growth Officer Ted Lin. Those show Platon demanding money and Lin refusing to be extorted.
Platontold CoinDesk he has 60,000 pieces of Binance KYC data.
Binance CEO Changpeng “CZ” Zhao said on twitter “Don’t fall into the ‘KYC leak’ FUD [fear, uncertainty, and doubt.] We are investigating, will update shortly.”
Zhao later took to Twitter urging the crypto community not to join the Telegram group: “I would like to add, by joining or spreading the link of the telegram group, you are helping malicious hackers (at least giving attention). What we should do as an industry is to fight them. Stay on the positive side. Report the group, then leave.”
The hack and apparent publication of Binance customers’ KYC data has not hurt its binance coin (BNB) which rose from $27.48 on August 7 to a high of $31.05 on August 8, according to CoinMarketCap.