Binance CEO Raises Alarm on Chinese Data Breach

Binance CEO Changpeng Zhao sounded the alarm about a massive data breach in which the records of 1 billion Chinese residents were offered for sale on the dark web.

According to reports, 23 terabytes of data containing names, addresses, places of birth, national ID cards, phone numbers and criminal case information were stolen from a police station database in Shanghai, China. Hackers offered the information for ten bitcoins on a dark web forum.

CZ announced on Twitter on July 3 that Binance Threat Intelligence had uncovered records of residents being sold on the dark web, without mentioning the country. He attributed the data breach to a bug in the government agency’s software, which uses Elasticsearch.

Elasticsearch is used to quickly search massive datasets and return answers in milliseconds. In a corporate or government entity, data ranging from social media posts to emails to corporate spreadsheets may end up being stored in Elasticsearch indices. While this makes it easy to access a wealth of corporate information, it also makes these stores an enticing target for cybercriminals.


Information on the forums where the data was posted indicated that the attack targeted Elasticsearch instances on the cloud platform of an Alibaba subsidiary used by the Shanghai police.

CZ explained that the compromised data has implications for Binance users because the data can be used to take over accounts. The cryptocurrency exchange has since taken steps to strengthen its user verification process. CZ added that Binance uses both in-house and outsourced threat detection.

Cybersecurity experts concerned with data size and sensitivity

News of the hack has unnerved the entire Chinese security industry, sparking speculation about how it happened. Shanghai police have yet to make any official statement. Cybersecurity professionals are concerned because of the scale of the hack and the sensitivity of the information exposed, including details of criminal activity.

According to The Wall Street Journal, some reporters downloaded the list and called phone numbers to verify the validity of the information. Five of the people reached verified criminal information that only the police can access, and four confirmed their identities before hanging up.

The threat landscape of cryptocurrencies

While hacks of DeFi protocols, such as the breaches of Axie Infinity’s Ronin bridge and Harmony’s Horizon bridge, have involved the theft of funds, data breaches are more likely to threaten the clients of centralized crypto exchanges. Exchanges need to collect know-your-customer information from new customers to combat money laundering and terrorist financing, and that information could be exposed on the dark web in the event of a security breach.

An Australian security consultant said the hackers may have exaggerated the scale of the attack.

According to Crystal Blockchain’s 2021 report, U.S.-based crypto companies suffered the most attacks between 2011 and 2021, while attacks on Chinese companies accounted for the majority of the loss of funds. Hackers try to steal funds from exchanges with minimal KYC requirements such as phone numbers and emails.
