HomeIndustry and AdoptionTop 5 data leakages in the crypto industry

Top 5 data leakages in the crypto industry


Related stories

Top 10 Provably Fair Bitcoin Casinos for 2024

In the world of online gambling, transparency and fairness...

Blockchain Life 2024 thunderstruck in Dubai

Dubai, April 17, 2024 - The 12th edition of...

Data is a valuable resource. Information helps manage people and their access to their assets. This is being taken advantage of by fraudsters that specialize in the crypto industry. Ever since the inception of the cryptocurrency market, plenty of coin holders have become victims of data leakages. Let’s explore the major cyber defense ruptures that brought data to the hands of fraudsters, as well as ways to protect it.

Major data leakages in the crypto industry

Throughout the crypto industry’s history, there were numerous data leakages. Some happened to be especially dangerous since they contained a lot of personal data. Let’s discover major data leakages in the cryptocurrency industry.

1. A-million-scale leak by Ledger

Ledger is one of the major hardware crypto wallet producers. In the summer of 2020, unknown persons hacked the company’s platform and stole personal data belonging to 1 million users.

Shortly after the data breach, victims reported receiving threats. Among other things, fraudsters used personal data, including data about their place of residency, to blackmail the company’s clients.

2. The BTC-Alpha Ransomware attack

In January 2022, the data from the British cryptocurrency exchange BTC-Alpha emerged on the Internet. The file that fraudsters tried to sell, contained 362,479 lines. In other words, the document included personal information of over 360 thousand users.

The BTC-Alpha data leakage

The BTC-Alpha team confirmed the data leakage. Representatives of the platform suggested that hackers might have gained access to the information by breaching the computers of several employees of the crypto exchange.

3. The database for whoever is wondering by CoinMarketCap

CoinMarketCap is one of the most popular data aggregators in the digital assets market. The project belongs to the major crypto exchange Binance. In October 2021, information emerged that a database with over 3.1 million user accounts fell into the hands of fraudsters.

The CoinMarketCap team could not provide the public with a precise answer on how the incident might have occurred. Representatives of the aggregator suggested that fraudsters collected data from third-party websites. But at the same time, CoinMarketCap’s team confirmed that the data indeed correlates with real data of the platform’s users.

At first sight, it might look like the data breach of the aggregator brought no serious threat. But that is far from the truth. Fraudsters can use any personal information related to members of the crypto community for theft. For example, in the case of the CoinMarketCap data breach, they could get information about cryptocurrencies used by each and every user of the platform.

4. “From hackers with love” to Binance

The owner of CoinMarketCap, Binance, also made this list. In 2019, the trading platform allowed a major personal data breach to happen. At first, the Binance team denied that the incident even took place. But after a file with verification photos of the platform’s users started to appear on the internet, they had to admit guilt.

Binance’s leaked user verification photos

As compensation, Binance offered victims lifetime VIP accounts. But the major crypto exchange’s database of user selfies and document photos are still at the disposal of fraudsters.

5. A 17GB gift by Pi Network

Pi Network is a popular application for crypto mining. In May 2021, the media got filled with personal data leakage reports concerning platform users and reported that fraudsters got access to a database weighing over 17 gigabytes.

Upon registration in Pi Network, clients were forced to fill in personal details, including ID document numbers, home addresses, phone numbers and emails. Such a data set is a perfect gift for all kinds of fraudsters.

What is wrong with collecting confidential data

The majority of crypto platforms are interested in operating in the white legal area without breaking any laws. Most commonly, the ground of “friendship” with regulators is built upon following KYC procedures during the registration process.

KYC stands for Know Your Customer and includes a set of procedures aimed at verifying the user’s identity. Most commonly, users provide platforms with ID scans & selfies.

Fully anonymous cryptocurrency transactions stand in the governing agency’s way. In their view, confidentiality in financial markets may lead to a spike in illegal activities. With the anonymous nature of such transactions, regulators will not be able to punish wrongdoers or investigate suspicious financial activity.

Working with KYC is a compromise that allows users to legally transact with cryptocurrencies and allows businesses to legally offer instruments to work with digital instruments. That being said, personal data leakages became the “other side of the coin” offered by regulators’ schemes.

How to safeguard your personal data

It is impossible to fully waive KYC procedures in the crypto industry. Should that happen, regulators will be forced to ban cryptocurrencies since anonymous transactions will be seen as a financial market security threat. At the same time, providing third parties with confidential data is indeed dangerous, especially in light of the industry’s history. The solution to this problem is offered by the Czech company Hashbon. The team developed the “anonymous KYC” scheme with its core element in the form of a digital document – the NFT passport Hashbon Pass. Here is how it works:

  • The NFT passport Hashbon Pass comes in the form of a non-fungible token (NFT). All information about the digital asset is registered on the blockchain. A decentralized approach to data storage allows the technology to guarantee its authenticity.
  • To get the NFT passport Hashbon Pass, users should provide the platform’s verifiers with all the necessary data for KYC. If all is good, the system issues the digital document to the user.
  • After that, to pass KYC procedures on some platforms, it will be enough to use Hashbon Pass. The passport itself contains no personal information but your age, citizenship and nickname. Therefore, confidential data will never be in the hands of third parties. At the same time, the platform where the user registers will get all necessary confirmations necessary for verification purposes. Should it be needed, governing agencies can request the data directly from licensed verifiers listed by Hashbon.

Hashbon Pass’ interaction scheme

The NFT passport Hashbon Pass not only safeguards personal data from leakages, but also saves time. Now instead of going through registrations, again and again then filling in a captcha, it is enough to just register an account and pass verification with one click.

Opportunities provided by the NFT passport Hashbon Pass

Interesting! The NFT passport Hashbon Pass can be used not only within the crypto industry, it’s also well-suited for the world of traditional finance. In fact, a digital document is a universal ID token.

Hashbon’s offering is especially relevant for platform owners that ask users to follow KYC procedures. Integration of the project will increase business appeal by providing safety assurances.

The Hashbon Pass launch is planned for June 30, 2022. Follow the project’s updates and request a demo version of the service on the official Hashbon website.


- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories