SHANGHAI — Oct. 9, 2025 — Authorities in China are investigating an alleged data breach involving global crypto exchange Binance that coincided with the death of a private cryptocurrency investor earlier this week, according to people familiar with the matter. Officials said the identity of the deceased is being withheld until the investigation is complete. Local police from the Jing’an branch of the Shanghai Public Security Bureau confirmed officers were dispatched to a residence late Monday following reports of a medical emergency.
The individual, described only as an adult who actively traded digital assets, was pronounced dead at the scene. A spokesperson for the municipal forensic center said cause and manner of death have not yet been determined and that toxicology results could take several weeks. Investigators are examining whether the death is connected to a reported compromise of the investor’s digital accounts after personal information surfaced on messaging forums frequented by cybercriminals. Law enforcement officials cautioned that no conclusions have been reached and stressed that several scenarios remain under review.
“We are pursuing multiple lines of inquiry, including the possibility of targeted harassment and financial extortion following a credential leak,” said Lt. (Capt.) Liu Meilin, a spokesperson for the PSB’s cybercrime unit. “At this time, we cannot attribute the breach to any specific platform or party.” In statements posted to its Chinese-language channels, Binance said it was aware of “claims circulating online” and was “conducting an internal review in coordination with law enforcement.” The company added it had “no evidence of a platform-wide compromise” and urged customers to enable multi-factor authentication and to be vigilant for phishing attempts. 
Representatives for Binance did not respond to additional questions about whether the investor had an account with the exchange or whether any user data was accessed without authorization. Residents of the compound said emergency vehicles arrived shortly after 10 p.m. and remained at the scene for more than an hour. One neighbor, who asked not to be named to protect their privacy, said the victim kept odd hours and often discussed cryptocurrency markets. “They were very cautious about security,” the neighbor said. “It’s shocking to think anything like this could happen.” Cybersecurity experts contacted by this newspaper emphasized that even sophisticated users can be vulnerable to coordinated attacks that combine leaked credentials, SIM-swap techniques, and social engineering. “Once attackers map a victim’s online footprint — email, phone number, exchange accounts — they can move quickly to lock the person out, drain funds, and apply pressure,” said Zhang Yutong, a digital forensics analyst at the fictional Haitang Security Lab in Shenzhen. “Financial loss is often just one dimension.
The psychological toll of real-time threats and doxxing can be severe.” Screenshots shared on private chats reviewed by this outlet appear to show partial records containing an email address, fragments of API keys, and transaction histories allegedly tied to the victim. Their authenticity has not been independently verified. Several posts also included threats demanding payment in cryptocurrency to “restore access,” a common tactic in account-takeover schemes.
Regulators and industry bodies in China have urged platforms that serve Chinese users from abroad to harden defenses as criminal groups grow more adept. “If confirmed, any breach that places consumers in harm’s way would be deeply troubling,” said a spokesperson for a regional fintech association, declining to discuss specific firms. “We expect platforms to maintain robust security controls and incident-response processes and to notify affected users promptly.” Friends of the deceased, reached through a university blockchain club in Shanghai, described the investor as a meticulous coder who mentored younger traders and contributed to open-source tooling. “They were the person everyone went to with questions,” said one friend. “They believed in building safer rails for the future of finance.”
As investigators work to piece together the hours leading up to the death, consumer advocates urged anyone who suspects their information has been exposed to act immediately: Lock down accounts: Rotate passwords, revoke API keys, and reset seed-phrase storage procedures. Harden authentication: Move to app-based or hardware security keys rather than SMS codes. Contact mobile carriers: Add a SIM-swap protection PIN and request fraud alerts. Preserve evidence: Save logs, emails, and screenshots to assist investigators and incident-response teams. Seek support: If harassment or extortion occurs, contact local authorities and crisis resources. The Public Security Bureau asked members of the public with relevant information to come forward. “We’re focused on a careful, fact-driven investigation,” Capt. Liu said. “Out of respect for the family, we are not releasing the victim’s name at this time.”
