Bitfinex CTO Paolo Ardoino has confidently dismissed claims of a security breach at the cryptocurrency exchange.
Ardoino’s clarification comes after rumors circulated about a potential database leak involving 22,500 records of emails and passwords purportedly from Bitfinex users.
Bitfinex CTO Paolo Ardoino Denies Hack Rumors
According to Ardoino, the evidence presented by the alleged hackers does not align with Bitfinex’s data handling practices. He highlighted a significant discrepancy in the data. Consequently, noting that only about 5,000 of the 22,500 emails matched Bitfinex user accounts.
This is a clear indicator, he suggests, that if these records were from Bitfinex, there would be a complete match.
“We don’t store plaintext passwords, nor 2FA secrets in clear text. [And] only 5,000 of 22,500 emails are matching with Bitfinex users. If that was part of our database, we would expect 100% matching,” Ardoino said.
The timing and method of the hackers’ claim also raise questions about its legitimacy. Ardoino pointed out that the hackers did not contact Bitfinex directly. Their claim was made public on April 25, with a seven-day response window, which Bitfinex only discovered a day before the deadline.
“If they had any real information, they would have asked for a ransom through our bug bounty program, customer support ticket, emails, or Twitter,” Ardoino explained.
Security experts quickly jumped on the bandwagon, hyping the breach without substantial evidence. For instance, Shinoji Research claimed that 2.5 terabytes of customer data was leaked. However, Bitfinex’s preliminary investigations suggest that the database is likely a compilation of information from various cryptocurrency breaches.
Ardoino noted that it is common for users to reuse email and password combinations across multiple sites, which might explain the overlap.
Read more: Crypto Project Security: A Guide to Early Threat Detection
As Bitfinex continues its thorough review and system analysis, Ardoino reassured users and stakeholders, stating, “While we believe this is pure FUD, we’ll keep reviewing information to ensure no stone remains unturned.”
Trusted
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
