*Article updated, October 3rd 2019
On May 7th, 2019, Binance uncovered a large scale security breach due to a progressive hack.
The hackers were able to withdraw 7000 BTC in this one transaction: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea
Binance has a pending investigation. Because of this, deposits and withdrawals have been turned off.
There is good news in that Binance is using the #SAFU fund (secure asset fund for users) to cover the incident in full.
October 3rd Update
The following days, Binance CEO Changpeng Zhao posted an AMA blog on the Binance website which you can find here if you’d like to read it yourself, starting here.
Binance CEO blog
These are the main points one can take from these.
- The breach was discovered immediately
- The hackers used both external and internal methods
- A SAFU fund was already in place to cover the losses
- The API, 2FA, and withdraw verification process underwent significant changes due to the hack
- Improvements made to the risk management, user behavior analysis, and KYC procedures
You can see from reading the blogs is order that their security at the time was solid. Bad dudes found a way around it. Upon discovery policies were changed to ensure this does not happen again.
No legitimate users lost any money because the money was already set aside for safety.
Basically, everything’s cool and the normal exchange user has nothing to worry about.
Because of this, there is no reason at all that someone shouldn’t still feel completely safe using Binance.