- Bitfinex’s CTO has debunked rumors of a suspected data breach on the crypto exchange’s platform.
- Ardoino highlighted irregularities contained in the claim by the acclaimed hackers.
- According to Ardoino, only 5,000 of 22,500 broadcasted emails matched with Bitfinex users.
Bitfinex CTO Paolo Ardoino has debunked rumors of a suspected data breach on the crypto exchange’s platform. In a recent post on X, Ardoino explained that information broadcasted by the acclaimed hackers is fake, and not derived from the crypto firm’s database.
After acknowledging the widespread panic among crypto users on the rumored database breach, Ardoino highlighted irregularities contained in the claim by the acclaimed hackers. According to the CTO, the alleged hackers have posted two mega links with sample data containing 22,500 records of email and passwords.
To substantiate his claims, Ardoino noted that Bitfinex does not store plaintext passwords nor 2FA secrets in clear text. Hence, no one can access such details from the platform. He further explained that only 5,000 of 22,500 broadcasted emails matched with Bitfinex users, insisting that only a 100% match rate can prove the broadcasted information was from Bitfinex.
Meanwhile, Ardoino informed his followers on X that the alleged hackers did not contact Bitfinex. According to him, the hackers published the post on April 25, giving the firm a 7-day ultimatum to contact them. Yet, Ardoino noted that he and his team learned about the post on Friday, May 3.
Furthering his claims, Ardoino said the alleged hackers could have explored any available channels to demand a ransom. According to the CTO, they could have applied through Bitfinex’s bug bounty, customer support ticket, emails, or X account (Twitter).
According to Ardoino, initial investigations reveal the hackers collected a database of emails and passwords likely from different crypto breaches. He noted that most crypto users, unfortunately, use the same email and passwords across multiple sites. He assured users that Bitfinex is performing a deep analysis of its systems and hasn’t found any breach. The CTO also noted that his platform’s KYC has a heavy rate limit that would disallow downloading in bulk.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.