The claims by hacking group FSOCIETY that they hacked cryptocurrency exchange Bitfinex's database and leaked 22,500 customer emails and passwords “seems fake,” according to Bitfinex chief technology officer Paolo Ardoino.
“If they had any real information they would have asked a ramson through our bug bounty, customer support ticket, emails, Twitter, etc. We couldn't find any request,” Ardoino claimed in a May 4 post on X.
“We don't store plaintext passwords, nor 2FA secrets in clear text,” he added.
Adoino clarified that out of the 22,500 records of emails and passwords, only 5,000 matched with Bitfinex users. He suggested that it is more likely the hackers gathered data from various other crypto data breaches.
“Most users unfortunately use the same email and passwords across multiple sites,” he explained.
He also shared a message from a security researcher, who believes the hackers were claiming to have hacked Bitfinex as a way to promote a data retrieval hacking tool.
“So by creating a buzz about successfully hacking wellknown companies / a university, it is an advertisement of how good their tool is and others should buy it so they can make millions of dollars by using it to exploit companies using this tool.”
Ardoino assured users that they would keep investigating the situation, but no breach has been detected so far, and all "funds are safe."
Related: Bitcoin post-halving price consolidation could last 2 months — Bitfinex
This is not the first time Bitfinex has faced scrutiny over data breach concerns.
In November 2023, Cointelegraph reported a minor information security incident at Bitfinex when one of its customer support agents was hacked.
This resulted in a series of phishing attacks targeting Bitfinex users, though Bitfinex stated that little harm occurred.
Meanwhile, in 2016, Bitfinex suffered a security breach resulting in the loss of 119,576 customers' Bitcoin (BTC), worth around $70 million at the time, and $7.6 billion now.
Magazine: Meme coins: Betrayal of crypto’s ideals… or its true purpose?