Sensitive information belonging to cryptocurrency exchange Binance, including code snippets and internal passwords, was reportedly exposed in a leak on GitHub. The leaked data, which remained publicly accessible for months, included details on Binance’s security measures such as passwords and multi-factor authentication (MFA).
Posted by an account named “Termf,” the leaked material encompassed code, infrastructure diagrams, and technical information related to Binance’s operations. Notably, some of the code on the platform pertained to Binance’s implementation of security protocols, raising concerns about potential vulnerabilities.
The leaked data also reportedly contained passwords associated with systems marked as “prod,” indicating usage in live environments rather than development or testing phases. Binance took action following a copyright takedown request, confirming the ownership of the leaked code.
In response, a Binance spokesperson emphasized that the leaked information did not reflect the exchange’s current production environment. They assured users of the platform’s security, stating that their data and assets remained safe. Binance downplayed the severity of the leak, asserting that it posed only a negligible risk to user security.
Decrypt has reached out to Binance for further comments on the matter, and this story will be updated accordingly.