Bitfinex’s CTO has debunked rumors of a suspected data breach on the crypto exchange’s platform.
Ardoino highlighted irregularities contained in the claim by the acclaimed hackers.
According to Ardoino, only 5,000 of 22,500 broadcasted emails matched with Bitfinex users.
Bitfinex CTO Paolo Ardoino has debunked rumors of a suspected data breach on the crypto exchange’s platform. In a recent post on X, Ardoino explained that information broadcasted by the acclaimed hackers is fake, and not derived from the crypto firm’s database.
Everyone panicking for a potential database breach on bitfinex.Tldr: seems fake.The alleged hackers have posted 2 mega links with sample data contains 22.5k records of email and passwords. – we don't store plaintext passwords, nor 2FA secrets in clear text.– only 5k of 22.5k…
— Paolo Ardoino 🍐 (@paoloardoino) May 4, 2024
After acknowledging the widespread panic among crypto users on the rumored database breach, Ardoino highlighted irregularities contained in the claim by the acclaimed hackers. According to the CTO, the alleged hackers have posted two mega links with sample data containing 22,500 records of email and passwords.
To substantiate his claims, Ardoino noted that Bitfinex does not store plaintext passwords nor 2FA secrets in clear text. Hence, no one can access such details from the platform. He further explained that only 5,000 of 22,500 broadcasted emails matched with Bitfinex users, insisting that only a 100% match rate can prove the broadcasted information was from Bitfinex.
Meanwhile, Ardoino informed his followers on X that the alleged hackers did not contact Bitfinex. According to him, the hackers published the post on April 25, giving the firm a 7-day ultimatum to contact them. Yet, Ardoino noted that he and his team learned about the post on Friday, May 3.
Furthering his claims, Ardoino said the alleged hackers could have explored any available channels to demand a ransom. According to the CTO, they could have applied through Bitfinex’s bug bounty, customer support ticket, emails, or X account (Twitter).
According to Ardoino, initial investigations reveal the hackers collected a database of emails and passwords likely from different crypto breaches. He noted that most crypto users, unfortunately, use the same email and passwords across multiple sites. He assured users that Bitfinex is performing a deep analysis of its systems and hasn’t found any breach. The CTO also noted that his platform’s KYC has a heavy rate limit that would disallow downloading in bulk.
The post Bitfinex CTO Debunks Data Breach Rumors On The Crypto Exchange appeared first on Coin Edition.