KYC Leak Exposed: Hacker Reveals Binance Evidence

Published on Unknown by Cryptovest Staff

The hacker claimed that Binance, one of the major exchanges that most recently added a KYC procedure, was also affected by the leak of trader screening pictures.

Theleak of know-your-customer (KYC) filesfrom major exchanges has been supported by more evidence qualifying it as a real threat. The ExploitDOT hacker personality went on to explain and illustrate the case with evidence and a lengthy rant onPastebin.

Posting as a guest account, the owner of KYC pictures and data stated that previous explanations of faked photos or even photoshopped ones were not the entire story, going on to presentsample filesof selfies and document scans.

“I've never been contacted from any exchange to verify it. I expressed My availability to give more than 3 pictures of proof to people that could prove they are from the exchanges, and to discuss how that happened and eventually how to fix,” ExplotDOT said in his explanation of the most recent evidence.

KYC screening was previously reserved for larger trades and especially withdrawals to cash. For a while, Binance attracted traders for being a no-KYC exchange. But in 2018, more markets added a screening procedure, using third parties. Due to the rush of newcomers to crypto trading platforms, KYC screening was sometimes done by hand.

Previously,Bittrexleaks revealed passport files were sent unencrypted over email, with the information visible.

This time, however, the hacker did not reveal the images, choosing instead to censor the information and even proposing to delete it if paid for this. Passport information could be used in numerous ways, including identity theft or repeated KYC.

Paradoxically, the cryptocurrency sector and tokenization projects have so far failed to offer the encrypted version of KYC, where users own their data and do not need to present it in unencrypted form to multiple platforms. So far, there is no accessible project offering an encrypted digital identity which could replace KYC.

KYC and anti-money-laundering (AML) laws were at first possible to circumvented within the crypto ecosystem. But when users are exposed to exchanges, anonymity no longer applies and disclosure is mandatory. The risk posed by KYC data leaks may affect crypto adoption as skeptics would not want to expose official documents to an insecure screening.