Comment

I hope nobody loses their shirt over this.

Summary

  • Sensitive data exposed: Internal code, infrastructure diagrams, passwords, and other technical information were publicly accessible on GitHub for months.
  • Source unclear: Unclear if an outside hacker or Binance employee accidentally uploaded the data.
  • Potential risk: Information could be used by attackers to compromise Binance systems, though Binance claims “negligible risk”.
  • Data details: Included code related to passwords and multi-factor authentication, diagrams of internal infrastructure, and apparent production system passwords.
  • Binance response: Initially downplayed the leak, later acknowledged data was theirs but downplayed risk.
  • Current status: Data removed from GitHub via copyright takedown request.
  • Unclear if any malicious actors accessed the data.
  • @RookiA
    link
    English
    2611 months ago

    Wow, just wow…

  • @notannpc
    link
    English
    15
    edit-2
    11 months ago

    I look forward to the future article “billions stolen from crypto exchange binance”

  • @[email protected]
    link
    fedilink
    English
    811 months ago

    Again, centralized exchanges are like public toilets. Get in, do your business, and get the fuck out. This is a good argument against KYC as well, since if they don’t have data, they can’t leak data.

    • @SinningStromgald
      link
      English
      1711 months ago

      It was on the open net. I am sure it is somewhere.