Binance is making 'significant changes to the API, 2FA, and withdrawal validation areas' in the aftermath of the hack

Changpeng 'CZ' Zhao, CEO of Binance, announced that the company is making "significant changes to the API, 2FA, and withdrawal validation areas, which was an area exploited by hackers during [the hack]." Binance was hacked Tuesday, which resulted in a loss of $41 million worth of bitcoin. The hackers have since consolidated the stolen bitcoin into just seven addresses. Binance is working "with a dozen or so industry-leading security expert teams" to track down the hackers and also with "many exchanges and other service providers" to freeze the stolen funds.

While Binance said that "sharing too many security details actually weakens [the] security response strategy," it disclosed that it is improving risk management, user behavior analysis, and KYC procedures as well as on "innovative ways to fight phishing." Binance is also planning to add support for hardware authentication devices starting with YubiKey. CZ also apologized for saying "the wrong stuff, dirty words like reorg." Binance currently has deposits and withdrawals paused but is looking to resume them "early next week."