- Bitfinex CTO Paolo Ardoino has refuted claims by hacking group Fsociety of a significant data breach involving 22,500 customer emails and passwords.
- Only 5,000 of the claimed leaked records match Bitfinex users, suggesting data may have been compiled from previous breaches.
- Ardoino assures that no breach has been detected at Bitfinex so far and all customer funds are secure.
Bitfinex, a prominent cryptocurrency exchange, has recently been the subject of alleged hacking claims by the group Fsociety, which asserted it had leaked 22,500 customer emails and passwords. However, Bitfinex’s Chief Technology Officer, Paolo Ardoino, has expressed skepticism about the authenticity of these claims in a recent post on X.
Assessing the Claims
Ardoino pointed out that if Fsociety had access to genuine data, they would likely have sought a ransom through various communication channels available to them, such as Bitfinex’s bug bounty program or customer support. He noted that no such requests were received.
Upon reviewing the alleged leaked data, Ardoino revealed that only about 5,000 of the 22,500 records matched Bitfinex users. He suggested that it is more probable that this data was aggregated from other cryptocurrency-related data breaches, given the common practice among users to reuse email and password combinations across multiple sites.
Speculation on Motives
Additionally, Ardoino shared insights from a security researcher who speculated that Fsociety might be using the claim of a successful hack as a marketing strategy to promote a data retrieval hacking tool. This theory suggests that the hackers aim to demonstrate the effectiveness of their tool to potential buyers by creating buzz around high-profile targets.
This is not the first time Bitfinex has dealt with security concerns. In November 2023, the exchange experienced a minor information security incident involving a customer support agent, which led to phishing attacks targeting its users. Most notably, Bitfinex suffered a major security breach in 2016, resulting in the theft of 119,576 Bitcoin, valued at approximately $70 million at the time.
Despite these past challenges, Ardoino reassured users that there has been no breach detected in the current situation, and all customer funds remain safe. Bitfinex continues to investigate the claims rigorously to ensure the integrity and security of its platform.