Bitfinex's Chief Technology Officer Paolo Ardoino has cast doubts on claims of a database breach by hacker organization FSOCIETY, branding the allegations as 'fake.' Ardoino refuted the purported leak of 22,500 user emails and passwords, asserting that no ransom requests were made and that user funds remain secure. The exchange's security measures and history of past breaches are under scrutiny amidst growing concerns over data integrity and user privacy.
Bitfinex CTO Disputes Alleged Database Breach, Stresses User Fund Security and Past Breach Patterns
The claims by hacker organization FSOCIETY that they hacked cryptocurrency exchange Bitfinex's database and leaked 22,500 user emails and passwords "seems fake," according to Bitfinex chief technology officer Paolo Ardoino (via Cointelegraph).
"If they had any real information they would have asked a ramson through our bug bounty, customer support ticket, emails, Twitter, etc. We couldn't find any request," Ardoino claimed in a May 4 post on X.
"We don't store plaintext passwords, nor 2FA secrets in clear text," he added.
Adoino emphasized that just 5,000 of the 22,500 emails and passwords were associated with Bitfinex users. He suggested that the hackers most likely obtained information from past cryptocurrency data breaches.
"Most users unfortunately use the same email and passwords across multiple sites," he explained.
He also provided a message from a security researcher who believes the hackers claimed to have attacked Bitfinex to promote a data recovery hacking tool.
"So by creating a buzz about successfully hacking well-known companies / a university, it is an advertisement of how good their tool is and others should buy it so they can make millions of dollars by using it to exploit companies using this tool."
Ardoino told users they would continue investigating the problem, but no breach has been discovered thus far, and all "funds are safe."
Bitfinex has already faced criticism over data leak worries.
Bitfinex's History of Security Breaches Raises Concerns Amidst Alleged Database Breach Claims
In November 2023, Cointelegraph reported a minor information security breach at Bitfinex, in which one of its customer care workers was hacked.
This culminated in a series of phishing assaults against Bitfinex users, while Bitfinex claimed that minimal harm was done.
Meanwhile, Bitfinex had a security breach in 2016, resulting in the loss of 119,576 customers' Bitcoin, valued at approximately $70 million and $7.6 billion on May 5.
Photo: Microsoft Bing