According to the official announcement by Binance:
“We have discovered a large scale security breach today, May 7, 2019 at 17:15:24. Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet.”
The hackers were able to withdraw 7000 BTC in this one transaction.
They had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed the existing security checks. It was unfortunate that Binance was not able to block this withdrawal before it was processed. Once executed, the withdrawal triggered various alarms in the system. All withdrawals were stopped immediately after that.
A thorough security review will be conducted. The review will include all parts of the systems and data, which is large. This is estimated to take about one week. Deposits and withdrawals will remain suspended during this period of time.
Binance stated that it will cover the incident in full. No user funds will be affected. It’s still unclear though if Binance was hacked or if this loss of BTC was a result of many users getting phished.