A KYC database sold on the Darkweb ? - page 6.

target

legendary

Activity: 2282

Merit: 1041

It just prove no matter how security experts are doing to their platforms, its still has no match to the skills of someone who also have an updated penetration skills.

Quote

It’s yet another example of why you should use a password manager such as LastPass.

I can not agree to this though. The more you use this kind of programs the more its going to be easy for you to be hacked. You put your passwords in mind, you will never be hacked.

squatter

legendary

Activity: 1666

Merit: 1196

STOP SNITCHIN'

Quote from: HiDevin on January 21, 2019, 02:28:18 AM

Bittrex, Poloniex, BitFinex, are all widely used by people and all users had to do KYC to even trade on the exchange.
Even Poloniex removed legacy accounts ( I have one ) but it has a 0$ limit now due to KYC.

These are all exchanges I would never trust with my data. I pulled all my funds out of Poloniex as soon as they announced mandatory KYC. I'd be especially wary of Bitfinex -- they operate out of the British Virgin Islands and they prohibit US customers, so there's not much legal pressure on them to protect your data.

When you look at the way Coinbase and Gemini approach legal compliance and security, I have considerably more faith in them. They could have their databases hacked too, but I think the chances are much lower.

If you need to do KYC to cash in or out, choose one reputable place like that and stick with it. The more places you verify with, the higher the chances of identity theft.

cryptjh

full member

Activity: 532

Merit: 185

All those KYC papers are most likely from some of all the free ETH based airdrop coins, people have submitted KYC to get, most of those scam airdrops didn’t even happened, but suspect people have guarded ten of thousand of KYC from airdrop bounty hunters.
I guess some people have re used the same picture the used when they got approved at their exchanges. And those few pictures are now being used to sell the KYC database as an exchange hack.

boled

full member

Activity: 590

Merit: 116

I just read this from Instagram and it turns out that someone has posted it on bitcointalk. I am a member of poloniex, bittrex and binance too. Long before the market was crowded like now, I had done KYC and was fully aware and suspected that this would happen. So when this really happens I cannot regret or blame the market.
I am indeed disappointed, but this is the reality that exists today, not only in the crypto world, data sales also occur in the world of banking and insurance. KYC is part of regulations made by the government, Market follows existing regulations, the choice to do KYC is in our hands.

mitchr4

legendary

Activity: 2716

Merit: 1017

Join the world-leading crypto sportsbook NOW!

This is very worrying about the sales of KYC data in Darkweb if it is leaked, of course this is very damage to the people who have made KYC. I will not do this anymore, it has scared us what if our data is used for bad things?

shesheboy

full member

Activity: 714

Merit: 114

Quote from: HiDevin on January 21, 2019, 02:28:18 AM

This is why I don't do KYC at all on any exchange. Even if it asks for my First and Last name I don't do it.
To the people saying they will only do KYC with trusted exchanges now, just look at the article.

Bittrex, Poloniex, BitFinex, are all widely used by people and all users had to do KYC to even trade on the exchange.
Even Poloniex removed legacy accounts ( I have one ) but it has a 0$ limit now due to KYC.
Like @repear7 said, even though it is used for a good cause, there is always a big downside with it being your protecion of privacy.

same here i dont also do kyc , not because im afraid that i can potentially hack but because i dont have a passport and im also too lazy to do these kind of stuffs even if i have the requird i.d so i wont do it at all . many generic exchanges out there that offers the same service but they dont ask for the kyc or other o.a verifications .

Quote

Re: A KYC database sold on the Darkweb ?

kyc's arent only sold on the darkweeb but it has been also sold all aroound the web . there are also sites that offers kyc for you .

HiDevin

member

Activity: 226

Merit: 30

so.. hru?

This is why I don't do KYC at all on any exchange. Even if it asks for my First and Last name I don't do it.
To the people saying they will only do KYC with trusted exchanges now, just look at the article.

Bittrex, Poloniex, BitFinex, are all widely used by people and all users had to do KYC to even trade on the exchange.
Even Poloniex removed legacy accounts ( I have one ) but it has a 0$ limit now due to KYC.
Like @repear7 said, even though it is used for a good cause, there is always a big downside with it being your protecion of privacy.

hahay

legendary

Activity: 3486

Merit: 1055

Leading Crypto Sports Betting & Casino Platform

Creepy and it happened. Cry

In the beginning I also didn't want to involve personal identities, but with KYC applied to every big exchange and because I also have an interest in an exchange, then I was forced to send KYC which continued to become like I don't care because the current standard is verify KYC. This problem has indeed been feared from the beginning, but we cannot do anything because we also need an exchange for crypto trading and also convert it to fiat.

repear7

full member

Activity: 1026

Merit: 110

Need Bounty manager ? Contact @repear71

Becoming a concern when all our personal data is traded for certain purposes and this is a real crime. KYC is one of the efforts to prevent money laundering but there is still a bad side where our personal data protection is still weak, allowing some parties to abuse. See some the case is to be more careful again, if you are an investor in an ICO project, then consider again how they protect our privacy.

Tylev

full member

Activity: 854

Merit: 104

Quote from: Pumared on January 20, 2019, 09:54:43 PM

Before distributing your data around, the right is at least check out if the location where you will leave the data has some credibility. It is the most sensible to do.

The fact is that nowhere can we be sure that our data will remain safe. Especially when it comes to ICO. Now transfer our data to the ICO teams anyway that transfer them directly to the criminals. And now they often get our data, and even so they try not to pay us the earned tokens. This is generally a nightmare.
Because of all these problems, many people quit their job at the ICO bounty. Now, even to our wallets, we rarely get tokens, all on their sites or new exchanges.

ranman09

full member

Activity: 756

Merit: 112

The bad thing about KYC. But we cant do nothing about it. The only thing we can do is either to abide or not to use the service. But without the service how are we going to profit?

Irvinn

full member

Activity: 966

Merit: 104

Quote from: kenzawak on January 20, 2019, 11:52:19 AM

Hacked Customer Data From World Leading Cryptocurrency Exchanges For Sale On The Dark Web?

https://www.ccn.com/hacked-customer-data-from-world-leading-cryptocurrency-exchanges-for-sale-on-the-dark-web/

"On a darknet market called “Dread,” a vendor going by “ExploitDOT” is attempting to sell user data from the know-your-customer (KYC) data top cryptocurrency exchanges ask for, required by most jurisdictions.

According to data shared with CCN, the hacker has an ad that has been online since July 2018, in which he claims to have hacked documents used in KYC checks – including identity cards and drivers’ licenses – from users of top exchanges like Bittrex, Poloniex, Bitfinex, and Binance.

The data is seemingly for sale for $10 per 100 documents or more, with discounts applying for those who buy in bulk, all the way up to $1 per 1,000 for an order of over 25,000. CCN was able to independently verify the ad on the dark web, which is still online. No links to it will be added to avoid promoting the service."

A few days ago, this also made news :

https://www.techspot.com/news/78317-leaked-database-exposes-87gb-emails-passwords.html

That was to be expected. Now our personal data will grow in value, since the number of KYC checks is only increasing and this will generate demand for our data, because they are ideally suited to provide similar KYC checks in other places. That is why I was always against these KYC checks against bounty hunters, because they are illegal against them at all. It’s just the ICO teams' amateur performance. By the way, because they themselves do not know what to do next with our data, where and for how long they should be stored. But this is nothing. The problem will begin when the police call on us in connection with our involvement in the crimes committed and we have to prove that we just underwent a KYC check somehow, or maybe more than once and were scattered with our data and copies of our documents.

vv181

legendary

Activity: 1932

Merit: 1273

I hope this raises a concern toward our own privacy because the majority does not really care about their own privacy. It is not worth to do KYC verification for cryptocurrencies things, It is a decline in cryptocurrencies ecosystem since cryptocurrency are mean to be decentralized, open, borderless, and trustless. Surely it is a setback for cryptocurrencies community when the majority of it does not utilize the benefit of the underlying cryptocurrencies technologies.

Sadlife

sr. member

Activity: 1400

Merit: 269

This is why i hate kyc's especially when new projects with unknown devs are launching it that needed your personal information i dont know why they necessarily need it for but for god sake who knows what they're doing to our private data. They could sell it in darkwebs or even use it for their own gains like target marketing, identity theft and hacking other associated accounts.

Pumared

sr. member

Activity: 1316

Merit: 407

stead.builders

Before distributing your data around, the right is at least check out if the location where you will leave the data has some credibility. It is the most sensible to do.

Hueristic

legendary

Activity: 3836

Merit: 4969

Doomed to see the future and unable to prevent it

Quote from: eternalgloom on January 20, 2019, 05:49:52 PM

And this is exactly the reason why I refuse to use any exchange that forces me to upload personal identification documents.
I've mentioned this many times in previous posts, but most people just don't seem to care.

In a way I'm kinda glad that this happened, just because now I can actually prove my point the next time this comes up.

I only buy Bitcoin through a Dutch exchange that works with IBAN (Bitonic), they only do SMS verification and your account is verified by purchasing Bitcoin via IBAN transfer.
I have a burner sim card, so that isn't a problem for me. I also don't mind using IBAN, since the transfers are secure.

To all people who just send their passports and pictures to exchanges without thinking about it:
Have fun dealing with identity theft in the future!

QFT, and lets not forget.

Quote

Data of 143 million Americans exposed in hack of credit reporting agency Equifax

https://www.washingtonpost.com/business/technology/equifax-hack-hits-credit-histories-of-up-to-143-million-americans/2017/09/07/a4ae6f82-941a-11e7-b9bc-b2f7903bab0d_story.html

eStratum

newbie

Activity: 2

Merit: 4

This is one of the Main reasons we did not proceed with an ICO: https://bitcointalksearch.org/topic/m.47003491

We simply found no way to reliably store user's personal information, so we decided to outsource this scope. However, outsourcing only shifts the workload but not the legal responsibility. We would still be liable for the failing of the KYC/AML service provider, and we didn't find anyone that stood out with their safety and security. Everyone we approached was focused on telling us how quickly and cost effectively they can "tick the KYC/AML box" for us. The problem is that we are not after just ticking a box, we work in concrete and we want solid foundations and clear understanding of the withstand capacity of the service providers' systems, which turned out to be all in the wind.

On top of that, we would still need to store your information to pay you back the capital and share of profit, and for accounting with the tax office, not just for KYC/AML reasons.

We're all for as much regulation as possible, as long as it is accompanied by clear methods of implementation and delineation of responsibilities.

Our view is that KYC/AML should only be carried out by a government agency.

We're still watching this space.

xuan87

legendary

Activity: 1666

Merit: 1001

This is one of the reasons I always reject the kyc idea, and now the information was leaked and no one going to responsible at all, it is very dangerous to submit kyc at the site that we don't know and once it leak it will be difficult to take care of this situation, because we don't even know whose data were being stolen

mangsitin

full member

Activity: 546

Merit: 100

Quote from: Elby on January 20, 2019, 07:09:22 PM

Thats why I hate the KYC, would only do KYC for a legit exchanger now.

Yes, I was very worried when the Bounty campaign required KYC to qualify for the prize, but I was anxious at this stage, because when bad people found it, it would automatically damage my database. So I think we should be more careful in making KYC for the campaign.

Elby

member

Activity: 252

Merit: 10

Thats why I hate the KYC, would only do KYC for a legit exchanger now.

Topic: A KYC database sold on the Darkweb ? - page 6. (Read 18806 times)