Top cryptocurrency exchanges such as Binance, Bitfinex, Poloniex and Bittrex have had their Know Your Customer (KYC) information hacked with it now being sold on the dark web. An account named "ExploitDOT" on the Dread market is selling the highly sensitive data including images of people holding their personal identification cards and drivers licenses which can be used in identity theft.
Having been suppressed from the news until now, the data has been available since July 2018 in an ad on the website. 100 user accounts information are being sold for 10$ and there's a discount for buying in bulk, as low as 1$ per 1000 user accounts when buying over 25k accounts. The ad has been verified by multiple reliable sources and is very real, still exists online as of the date of posting. No link will be provided to avoided promotion.
A cyber security professional who wishes to remain anonymous detailed that he had managed to obtain multiple samples free of charge as proof of the files existence. The samples included things such as customers holding up pieces of paper with "Binance" and a date.. faces are visible in the pictures, along with ID cards or drivers licences.
The seller has files on customers from every country that host cryptocurrency exchanges, demonstrating the massive scale of this breech. Binance claims they have been so far unable to find out how this information was stolen, adding to the concern. They have also refused individual requests for comment. Binance is known for its security practices in the crypto community so this will surely deal a severe blow to their reputation, among all the others. Poloniex made news for having locked its customers out of their accounts until they provided this information, which has now been stolen to the sole detriment of the customers, who will receive no compensation.
There have been suggestions the leaked documents could be related to another massive 88GB hacked file dump, Collection #1, which has over 700 million e-mail addresses and 21 million passes.
Know Your Customer regulations are extremely controversial and not actually mandatory as Binance has a 2 Bitcoin (over 5,000$) DAILY withdrawal that does not require any KYC information. Any exchange which does use KYC is doing their customers a disservice and it deserves to be pointed out that a business managing millions of dollars can not use any one countries regulations as an excuse. There exist many tiny islands with zero financial regulations, such as the Marshall Islands. An exchange named 1Broker was hosting out of Marshall Islands when US NKVD seized their foreign servers which were inside the US itself. They simply put up new servers and kept going, nothing the US can do. Regulations are not mandatory.
So that said, the blame falls entirely on the pro-regulation crowd, Coinbase and Ripple as these are the prime forces behind this shift towards optional Know Your Customer, and Anti-Money Laundering(AML) regulations. In reality, the intended result is that all coins are labelled securities, that you need to have a net worth of 1,000,000 dollars or 200k yearly income to be an accredited investor in order to purchase them. That is definitely not going to improve mass adoption, if anything it would prevent it entirely.
Hello @williampierce! This is a friendly reminder that you have 3000 Partiko Points unclaimed in your Partiko account!
Partiko is a fast and beautiful mobile app for Steem, and it’s the most popular Steem mobile app out there! Download Partiko using the link below and login using SteemConnect to claim your 3000 Partiko points! You can easily convert them into Steem token!
https://partiko.app/referral/partiko
Congratulations @williampierce! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!