Bitfinex, a prominent cryptocurrency exchange, has been the subject of conflicting reports regarding a data breach affecting 400k customers. Users reported that passwords from a supposed Bitfinex hack were functional, suggesting that the exchange might have stored passwords in plaintext. However, Bitfinex's CTO, Paolo Ardoino, has denied these allegations, stating that the claims by the ransomware group FSOCIETY are baseless. FSOCIETY had previously claimed to have accessed personal data from Bitfinex, but this has been contested by security experts who believe the data might be fabricated and is actively targeted by criminals.
Yesterday (or whenever, we don't care enough to get the exact date) F-Society ransomware group claimed to have compromised Bitfinex. This compromise is a hoax. Bitfinex was not compromised. The 'stolen data' is just a list of username:password combinations from GitHub.
.@bitfinex CTO @paoloardoino, also the CEO of @Tether_to, has cast skepticism on a ransomware group’s week-old claim that personal data from the exchange was breached. Hacking group FSOCIETY claimed last week to have hacked Bitfinex along with Rutgers University and two other… https://t.co/AxwFJ01gF7
Bitfinex CTO denies rumors of data breach from ransomware group https://t.co/c31WRlHjds
If you KYC'd with Bitfinex, you and 400k other customers have lost their personal data to criminals who are actively targeting crypto users. What did we tell you?
Follower tested the bitfinex hack, the passwords work. Meaning @Bitfinex confirmed to have stored plaintext passwords. I just tested 2 from it and can confirm, it prompted for 2fa, but did not say invalid password. More info: https://t.co/oDvBivaOko https://t.co/XGgWsW3WXK