Comment
I hope nobody loses their shirt over this.
Summary
- Sensitive data exposed: Internal code, infrastructure diagrams, passwords, and other technical information were publicly accessible on GitHub for months.
- Source unclear: Unclear if an outside hacker or Binance employee accidentally uploaded the data.
- Potential risk: Information could be used by attackers to compromise Binance systems, though Binance claims “negligible risk”.
- Data details: Included code related to passwords and multi-factor authentication, diagrams of internal infrastructure, and apparent production system passwords.
- Binance response: Initially downplayed the leak, later acknowledged data was theirs but downplayed risk.
- Current status: Data removed from GitHub via copyright takedown request.
- Unclear if any malicious actors accessed the data.
You must log in or # to comment.
Wow, just wow…
I look forward to the future article “billions stolen from crypto exchange binance”
Was the github repo archived?
It was on the open net. I am sure it is somewhere.
Again, centralized exchanges are like public toilets. Get in, do your business, and get the fuck out. This is a good argument against KYC as well, since if they don’t have data, they can’t leak data.
Paywall
