Following the Binance security breach that occurred on May 7th, the CEO of the exchange, Changpeng Zhao, has updated reporters on the exchange’s security revamp and its investigation of the $40 million hack in a security incident update which, according to Cointelegraph, he shared with them on May 10th.
The CEO also apologized for stoking community fears by openly discussing the possibility of incentivizing a blockchain re-organization, or transaction rollback, as a possible response to the attack.
As Cryptoinformers.info reported, Binance suffered a severe hack on May 7, in which about 7,070 bitcoin (BTC), worth over $40 million at the time of the report, was stolen by the hackers from the exchange’s hot wallets in a transaction that went undetected by the firm’s security systems.
The attackers reportedly obtained a large number of 2FA codes and API keys, which enabled them to make the withdrawals. In his security update, CZ said he was limited in how many details of the exchange’s response to the incident he could share, noting that:
“Hackers are reading every word we post and watching every AMA we host. Sharing too many security details actually weakens our security response strategy.”
However, the CEO made it known that the exchange team was ostensibly making progress in significantly revamping its security measures, procedures and practices. He said that some of the changes will be implemented within the week, and that many more changes will follow.
He also noted changes to the areas exploited by the perpetrators of the theft, namely Binance’s API, 2FA and withdrawal validation. He also revealed the platform is aiming to improve its risk management, user behaviour analysis, Know Your Customer procedures and anti-phishing tactics, as well as revising other back-end security measures.
Notably, CZ also used the security incident update as an opportunity to apologize for having sparked a controversy in the crypto community by publicly raising the possibility of a blockchain re-org or rollback in the wake of the hack. He said:
“Given how much I talk, I sometimes say the wrong stuff, dirty words like ‘reorg’, for which I apologize. It is my strong view that our constant and transparent communication is what sets us apart from the ‘old way of doing things’, even and especially in tough times.”