Binance claims the code is ‘outdated’ on GitHub, with little risk.
Crypto exchange Binance has denied reports that “highly sensitive” internal passwords and code were exposed on GitHub for months – the code was outdated and caused a “negligible risk”.
According to a January 31 report from 404 Media, there was a cache of “code, infrastructure diagrams, internal passwords and other technical information,” including information on how the exchange handles passwords and multi-factor authentication.
According to the report, Binance successfully petitioned GitHub to clean up the files using a copyright takedown request on January 24. [a] Significant Risk” and “Unauthorized”.
However, a Binance spokesperson told Cointelegraph that the person “shared very old information on GitHub” and that their security team confirmed that the cache “does not match what is currently in production.”
Binance added that the data “poses a non-trivial risk to the security of our users, their assets or our platform.” The data is too old, he said, “to be used by any third parties or malicious actors.”
RELATED: Hamas Victims Sue Binance for ‘Aiding' Terrorists
Binance says it protects its past or present intellectual property and aims to mitigate damages from “unnecessary confusion or unnecessary fears of publication of private information,” hence why it filed a takedown request with GitHub and is taking legal action against the user.
However, Binance's request to GitHub says the data is “our client's internal code, which poses a significant risk to Binance.” And will result in significant financial damage to Binance and user confusion/harm.
Binance did not respond to further inquiries on the matter.
Magazine: Defy's Billion Dollar Secret: Insiders Responsible for Hacking