Bitfinex’s Chief Technology Officer, Paolo Ardoino, has dismissed claims made by hacking group Fsociety regarding a breach of the cryptocurrency exchange’s database. Ardoino labeled the allegations as “fake” and emphasized that no ransom request had been made through official channels. The misinformation surrounding the alleged data breach began circulating on social media, triggered by a tweet from Alice of Shinoji Research. The tweet gained traction after being picked up by Walter Bloomberg, who tweeted that Bitfinex’s data had been hacked. However, Alice later acknowledged their premature assertion. Ardoino clarified that Bitfinex does not store plaintext passwords or 2FA secrets in clear text, diminishing the credibility of the alleged breach. He suggested that the hackers likely gathered data from other crypto-related breaches and exploited the common practice of using the same login credentials across multiple platforms. Bitfinex has not acknowledged experiencing a data breach or engaging in ransom payment. Ardoino questioned the legitimacy of Fsociety’s claims and shared insights from a security researcher suggesting that the group may have fabricated the breach to promote its ransomware tools. Despite the allegations, Ardoino assured users that Bitfinex would diligently investigate the situation, and as of now, no breach has been detected, and user funds remain secure. Bitfinex has a history of notable hacking incidents, including one in 2016 where over 95,000 Bitcoins were compromised. Two individuals, including the self-professed crypto rapper Razzlekhan, pleaded guilty to money laundering charges related to the hack and forfeited the stolen bitcoin to authorities.
