According to data claimed by Shinoji Research, there was a data breach on the cryptocurrency exchange Bitfinex and the data of 400 thousand users along with 2.5 terabytes of data may have been stolen.
The information has not yet been confirmed by the exchange and users have to wait for the official announcement.
According to Shinoji Research, the FSociety ransomware group, known for its malicious activities, claimed responsibility for the attack. They loaded a page with two mega links to their Onion site. These links lead to a text file containing a partial dump of usernames and plaintext passwords.
Shinoji Research said that the review found that the list did not contain any known accounts belonging to trading firms such as Alameda Research. However, the sheer size of the data indicates that hackers have been able to access every KYC document since Bitfinex’s inception.
The hackers issued a warning stating that they would leak the KYC documents of all users if their demands were not met.
In a surprising development, a follower of Shinoji Research tried one of the passwords in the file and received a 2-factor authentication (2FA) warning. This situation was later confirmed by Shinoji Research, confirming the reality of the violation. Bitfinex has not yet responded to these allegations.
However, these are all claims by Shinoji Research and an official statement from Bitfinex should be awaited.