Business Digital Index Releases Cybersecurity Assessment of 24 Major Cryptocurrency Exchanges
Cybersecurity ratings of top cryptocurrency exchanges
The assessment is based on continuous external scans of publicly exposed digital assets and does not involve intrusive testing. It reviews multiple cybersecurity domains, including software patching practices, historical exposure of employee credentials, web application security, email security, SSL/TLS configuration, system reputation, and hosting infrastructure.
As part of the evaluation, BDI analyzed verified breach data to identify instances of corporate credentials appearing in dark-web marketplaces. The analysis also examined indicators of password reuse, which is a recognized risk factor for organizational security exposure.
According to the findings, only three exchanges—Biconomy, Toobit, and Deepcoin—received the highest overall security grade in the assessment. These platforms exhibited minimal externally observable risk indicators and had little to no associated corporate credentials identified in breach datasets.
The assessment also highlights how organizational scale can influence external risk scores. Larger platforms typically operate more complex infrastructures, which may increase exposure to misconfigurations or unpatched components. For this reason, platform size is factored into the scoring methodology.
In the case of Coinbase, the analysis identified externally observable indicators such as corporate credentials circulating in dark web databases, patching-related findings, and SSL/TLS configuration issues. BDI notes that the presence of such indicators does not automatically imply exploitability and that mature organizations often deploy compensating controls and internal security measures that are not visible through external analysis.
The review also found that 63% of the assessed exchanges showed evidence of historical employee password reuse across multiple services, based on verified breach data. While this does not indicate current credential use, it remains a relevant indicator of past password hygiene practices.
One exchange, LBank, displayed a higher concentration of unresolved external risk indicators, including unpatched vulnerabilities flagged as critical. Software patching is a significant factor in BDI’s scoring model due to its direct relevance to exploitability.
BDI emphasizes that the assessment reflects external cybersecurity signals only and should be considered as one input among many when evaluating organizational risk.
About Business Digital Index
Business Digital Index is a cybersecurity reputation and risk-rating platform that provides organizations and stakeholders with continuous, data-driven insights into external cybersecurity posture. BDI evaluates publicly accessible digital assets using a weighted scoring model informed by real-world attack patterns, technical vulnerabilities, and historical breach intelligence to deliver standardized and comparable security ratings.
Edvardas Garbenis
Business Digital Index
press@businessdigitalindex
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
