Comment

I hope nobody loses their shirt over this.

Summary

  • Sensitive data exposed: Internal code, infrastructure diagrams, passwords, and other technical information were publicly accessible on GitHub for months.
  • Source unclear: Unclear if an outside hacker or Binance employee accidentally uploaded the data.
  • Potential risk: Information could be used by attackers to compromise Binance systems, though Binance claims “negligible risk”.
  • Data details: Included code related to passwords and multi-factor authentication, diagrams of internal infrastructure, and apparent production system passwords.
  • Binance response: Initially downplayed the leak, later acknowledged data was theirs but downplayed risk.
  • Current status: Data removed from GitHub via copyright takedown request.
  • Unclear if any malicious actors accessed the data.
  • notannpc@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    edit-2
    10 months ago

    I look forward to the future article “billions stolen from crypto exchange binance”