Binance Faces Dual Challenges of Growth and Data Security

Binance, the world’s leading cryptocurrency exchange, has reported remarkable growth in its institutional trading services. As of early 2026, the exchange has experienced a substantial rise in over-the-counter (OTC) transactions, mainly driven by increased participation from large investment firms. However, this success is being overshadowed by a significant data breach that has raised serious concerns about user information security.

How Is Institutional Trading Evolving?

January and February 2026 have been record-breaking months for Binance’s OTC desk, with trading volumes in just these two months reaching 25% of the figures for the entire year of 2025. This uptick signals a shift in how digital currencies are being traded, with a focus on maintaining large-scale liquidity access for institutional participants.

Richard Teng, the CEO of Binance, has underscored the importance of liquidity for institutional investors, who seek to minimize market impact through private block trades. His vision is bolstered by the platform’s ability to facilitate substantial transactions, circumventing the public order books.

What Are the Implications of the Recent Data Scraping Attack?

However, this period of growth is marred by cybersecurity challenges. A hacker, known as PexRat, exposed the data of 1.5 million Binance users, selling it on underground forums. The breach included sensitive personal details, which has sent ripples of anxiety through the cryptocurrency security community.

The data at risk comprises users’ full identities, contact details, and critical security verification information, which exposes them to potential social engineering attacks and SIM-swapping schemes.

An investigation by VECERT has indicated that Binance’s main servers were not compromised. Instead, the breach leveraged credential stuffing tactics, exploiting vulnerabilities in external security measures by manipulating or defeating Captcha protections.

“The evidence suggests that the attacker managed to bypass or abuse security mechanisms (such as Captcha) in the login interface or some platform API, allowing a constant flow of unblocked requests,” VECERT’s investigators detailed in their report.

The latest breach coincides with earlier incidents reported by cybersecurity experts, including the exposure of 420,000 Binance-linked credentials due to malware. These persistent issues illustrate ongoing challenges in maintaining robust cybersecurity defenses for the platform.

Specifically, the following points highlight Binance’s current situation:

• Binance has shown significant growth in OTC trading, indicating stronger institutional engagement.
• Data breach involving 1.5 million users raises concerns over information security.
• VECERT suggests the breach arose from sophisticated credential stuffing, not a server compromise.
• Previous similar incidents highlight a potential pattern of unresolved cybersecurity vulnerabilities.

Binance finds itself in a balancing act between growing its institutional trading services and reinforcing its data protection mechanisms. The cryptocurrency community will closely monitor its efforts to safeguard user information and counter cyber threats effectively.