Binance Breach: Sensitive Data Exposed on GitHub for Months
For several months, an exceptionally sensitive trove of data belonging to Binance lingered in a public GitHub repository. As revealed by 404 Media, this dataset encompassed codes, infrastructure blueprints, internal passwords, and other technical particulars.
It was only last week that Binance succeeded in having the data expunged from GitHub, leveraging a takedown request on copyright infringement grounds. However, before this action, the data had been viewed by 404 Media and other users. Despite the absence of public evidence that the data was exploited by malefactors, it contained information potentially advantageous to hackers aiming to compromise Binance’s systems.
“Male hands holding smartphone with an open Binance application”by wuestenigel is licensed under CC BY 2.0
Notably, one of the diagrams illustrated the interconnections and dependencies within Binance’s infrastructure. The dataset also included an array of scripts and codes, some of which seemingly pertained to password implementation and multifactor authentication mechanisms. The code annotations were penned in both English and Chinese.
Several files contained presumed passwords for systems labeled as “prod,” likely indicating operational systems. A number of these passwords appeared to correspond to AWS servers utilized by Binance.
The leaks were published on GitHub under the account name “Termf.” It remains unclear whether this act was perpetrated by an external party maliciously disseminating the materials or a Binance employee who inadvertently uploaded them to GitHub.
404 Media first approached Binance about the GitHub repository on January 5. At that time, a company representative stated that Binance was aware of an individual online claiming possession of sensitive Binance information. The security service affirmed that the claim did not match what the company had in operation, assuring users that their data and assets remained secure. Nonetheless, by submitting a copyright infringement takedown request, Binance implicitly acknowledged that the data indeed contained Binance’s code.
