Crypto exchange Binance has refuted a report claiming a “highly sensitive” cache of internal passwords and code had been exposed on Github for months — arguing the code was outdated and posed a “negligible risk.”
According to a Jan. 31 report from 404 Media, there was a cache of “code, infrastructure diagrams, internal passwords, and other technical information,” including information about how the exchange carries out passwords and multifactor authentication. The report notes that Binance successfully petitioned GitHub to scrub the files through a Jan. 24 copyright takedown request, where the exchange said the information “poses [a] significant risk” and was posted “without authorization.”
The information “posed negligible risk to the security of our users, their assets or our platform,” Binance added. It claimed the information was so outdated “it would be unusable by any third parties or malicious actors.”