Binance has revealed that a “third party vendor” is the source of the KYC leak that saw thousands of identity documents such as passports and driving licenses leaked on a Telegram group two weeks ago. In a blog post updating users of the situation, the exchange stated that “the leaked images overlap with images that were processed by a third-party vendor” that was contracted by Binance in late 2017 and early 2018, with affected users being contacted and compensated by the exchange.
Update & Action Response: Third-Party Vendor KYC Matter
Protecting our users and keeping #Binance systems secure is our utmost priority.https://t.co/1xz48JLmxF
— Binance (@binance) August 23, 2019
Photoshopped Images
The blog post contains several key pieces of information regarding the leak, chiefly that they have narrowed down the source of the leak to the third party vendor following work by the exchange’s security and investigations team. Interestingly, they state that “multiple photoshopped or otherwise altered images which do not match the KYC images in our database” were present in the leak, suggesting that the hacker has tried to con Binance by using images that do not correlate to real users in order to try and inflate the significance of the hack. In addition to this, the blog post also reveals that no image contains the Binance watermark which is embedded as part of the Binance KYC process, suggesting that the genuine images were not stolen from Binance but instead from the provider’s servers. It has to be assumed then that, once they have collected enough evidence, Binance will hand the case over to the authorities for investigation.
Affected Users to be Compensated
Despite apparently not being the source of the leak, Binance has still offered affected individuals “a lifetime Binance VIP membership, including preferential trading fees, support, and more services”, which is a nice touch from an exchange known for its excellent customer service. Affected users are being contacted by Binance, but users who believe they were among the leaks can contact the exchange themselves. With so many exchanges and ICOs requiring KYC, it’s amazing that leaks like this aren’t more prevalent, although the likelihood is that such information is already available on the dark web, we just don’t know about it. Or maybe it’s just out in the public for everyone to see…