Hackers Reportedly Leak 1.5 Million Binance Account Login Data

Binance is efficiently courting institutional buying and selling actions, however a rising wave of knowledge safety alarms on its retail entrance threatens to complicate the agency’s ambitions.

The world’s largest cryptocurrency trade by market capitalization has began 2026 with explosive momentum in its over-the-counter buying and selling division. In January and February alone, Binance’s OTC platform recorded 25% of its complete quantity for all of 2025.

Captcha Bypass Exposes 1.5 Million Binance Users in Scraping Attack

This sharp rise displays a broader market maturation, as large-cap traders and institutional gamers more and more search non-public execution channels for large trades.

Binance CEO Richard Teng explained that these entities prioritize deep liquidity to keep away from slippage and market disruption. The trade’s OTC desk permits patrons and sellers to execute block trades immediately, shielding their methods from public order books.

However, beneath this institutional polish, operational red flags are mounting.

On March 28, cybersecurity platform VECERT reported {that a} risk actor working beneath the alias PexRat supplied a non-public database containing the personal information of 1.5 million Binance customers on the market.

The leaked information purportedly consists of full names, e mail addresses, cellphone numbers, and Know Your Customer verification statuses.

More alarmingly, the risk actor claims to own victims’ last-login IP addresses, system person brokers, and two-factor authentication statuses. This consists of whether or not customers depend on SMS, e mail, or devoted authenticator apps.

Meanwhile, the potential publicity of 2FA logs and KYC information presents a extreme operational danger. It leaves compromised customers extremely weak to focused SIM-swap assaults and sophisticated phishing campaigns.

Crucially, VECERT’s evaluation of the authentication logs and pattern information revealed that Binance’s inner servers weren’t immediately breached. Instead, the agency outlined a complicated credential stuffing and scraping operation.

“The proof means that the attacker managed to bypass or abuse safety mechanisms (resembling Captcha) within the login interface or some platform API, permitting a continuing movement of unblocked requests,” VECERT defined.

This incident follows a January report by cybersecurity researcher Jeremiah Fowler, who uncovered roughly 420,000 Binance-linked credentials uncovered through comparable infostealer malware.

Ultimately, these occasions current a crucial stress take a look at for Binance’s cybersecurity practices, because the trade can not afford the continued automated scraping of its customers’ information.

The put up Hackers Reportedly Leak 1.5 Million Binance Account Login Data appeared first on BeInCrypto.