Pages:
Author

Topic: What happens when your identity is stolen -- real story || Avoid CEXs! - page 3. (Read 1019 times)

sr. member
Activity: 2520
Merit: 280
Hire Bitcointalk Camp. Manager @ r7promotions.com
Losing our data to a criminal could possibly the worst scenario of doing KYC but this is about privacy and how our personal data is handled by the platform that we share with. Data is the gold of 21st century so we all should know how to keep our privacy as our highest priority and we should be cautious while sharing anything with other platforms and if the platform shares it with others for their promotions then the risk increases higher.
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
So since then I have stopped using coinbase services.

That was a smart move. I hope that you also stopped using centralized exchanges since then...

I didn't use coinbase exchange much but used coinbase wallet for long time but it restricted my account even though my kyc is complete.  Although it was solved after a month but this one month I really struggled to solve it because I had a large amount of Ethereum there.

This is another reason for which you should never used a centralized exchange: similar to banks, they can always seize your account (abusively or not). You are not the owner of your funds once you deposit the money at the exchange. This is because you are not in possession of your private keys. And the saying "not your keys, not your coins" is very valid and it was also stated in a Court decision, by a judge! As a coincidence, the trial involved again Coinbase's name. The exchange was called into a Court of Law by a client which was not allowed by the exchange to redeem his BTG coins after Bitcoin Gold fork occurred. Judge's final decision clearly states that not your keys, not your coins.
hero member
Activity: 1316
Merit: 593
Vave.com - Crypto Casino
I don't think kyc on reputable exchanges like Binance, kucoin etc will have any data theft.

Have you read in OP that Coinbase sold clients' data to third parties? Isn't Coinbase also a reputable exchange? Besides, don't you know that Binance got hacked twice already? Only luck made that Binance clients did not have their personal information stolen as well and hackers were only interested in their deposits...
conbase is also a reputable exchange and wallet. I didn't use coinbase exchange much but used coinbase wallet for long time but it restricted my account even though my kyc is complete.  Although it was solved after a month but this one month I really struggled to solve it because I had a large amount of Ethereum there. So since then I have stopped using coinbase services. This is why I mention coinbase very rarely in different place
hero member
Activity: 490
Merit: 620
Pizza Maker 2023 | Bitcoinbeer.events

I don't know how much your password can help you if hackers break the database of the exchange. Remember that the forum also got hacked in the past and hackers obtained many passwords of users' accounts...
Indeed, a strong password is useful but it's not all you need for not having your identity stolen. For not having your identity stolen no third party should have your data.


Yes, even corrupting the database is a valid option for data leakage but we ourselves do not realize how much free data we are releasing, this information could come back to haunt us in the future, even simply thinking about a change of policy and therefore thought in our country.  For example, if we buy Bitcoin today or if we subscribe to propaganda sites, this information could become illegal and we would be persecuted.
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
I think it's not so much how willing you are to use a cex but rather how strong your password is whenever you sign up for services that use KYC, and obviously how serious the service you're using is.
[...] So the first source of security is yourself.

I don't know how much your password can help you if hackers break the database of the exchange. Remember that the forum also got hacked in the past and hackers obtained many passwords of users' accounts...
Indeed, a strong password is useful but it's not all you need for not having your identity stolen. For not having your identity stolen no third party should have your data.



from this case it is really very dangerous to do KYC on an exchange, anything can happen beyond our control, very terrible,
but how can we trade if we don't do kyc on the exchange, even though that's the main part of being able to trade and withdraw funds.

As I wrote above, you should use only decentralized exchanges, crypto ATMs and peer-to-peer transfers. You can always search on CoinATMRadar for a cash-in / cash-out crypto ATM in your area. These ATMs are (supposed to be) anonymous, although their fees are not small...



This is one hell of a nightmare, wouldn't be surprised if he quit his driving job  with all the humiliation he keeps getting Sad But why didn't he use his lawyers to sue these convicts for identity theft and all trumour suffered because of  their actions..?(

If you carefully read OP you'll notice that the first thief was caught and convicted. Then another thief used the victim's identity... He was in an endless loophole...

Btw if I were him,would have gone with changing identity, the damage is to much Cry

I doubt this would be a good idea... As bittraffic observed, such move would only draw even more suspicion on you...



The exchanges in question are Binance and kucoin. Now my question is; Is they a way to prove that my details has truly been wiped out from their database after completing all the procedures?

No, there is no way to know for sure that your data was actually deleted...



I don't think kyc on reputable exchanges like Binance, kucoin etc will have any data theft.

Have you read in OP that Coinbase sold clients' data to third parties? Isn't Coinbase also a reputable exchange? Besides, don't you know that Binance got hacked twice already? Only luck made that Binance clients did not have their personal information stolen as well and hackers were only interested in their deposits...
hero member
Activity: 1316
Merit: 593
Vave.com - Crypto Casino
cex exchange provides very good services in many cases like p2p facilities so many people are more interested in using cex.  But one problem in cex is that kyc is mandatory to trade or withdraw high amount. But in this case, there is a fear of kyc information being stolen.  But I don't think kyc on reputable exchanges like Binance, kucoin etc will have any data theft. But be careful while doing kyc on any new or non popular cex and avoid using smaller cex exchanges. Because in small cex there is a lot of risk of KYC documents being stolen as well as deposited funds
hero member
Activity: 700
Merit: 541
Bitcoin Casino Est. 2013
I already have my personal information tied to two exchanges already, back when I newly got into Bitcoin before getting exposed to lectures on privacy and what being careless with your personal information could cause, I had already registered an account in two exchanges and had to complete my KYC so that I could use the p2p service. Although they stated that if I wanted to get my info deleted from their system I should make a request and follow some directives and that way my details would be wiped out from their database.

The exchanges in question are Binance and kucoin. Now my question is; Is they a way to prove that my details has truly been wiped out from their database after completing all the procedures?
hero member
Activity: 1834
Merit: 879
Rollbit.com ⚔️Crypto Futures
This is one hell of a nightmare, wouldn't be surprised if he quit his driving job  with all the humiliation he keeps getting Sad But why didn't he use his lawyers to sue these convicts for identity theft and all trumour suffered because of  their actions..?

Btw if I were him,would have gone with changing identity, the damage is to much Cry

Quote
All those using centralized exchanges must be aware that at any time the exchange can be hacked and risk not just their funds but also face the risk that hackers steal also their personal information and use it against them.
The digital world is a whole different place which needs everyone of us taking extra precautions to protect our data, btw in such scenarios, does the exchange protect itself from being sued for misuse of data or failure to secure this data using its terms and conditions ?? ***Kind of reminds me of Facebook***


sr. member
Activity: 1362
Merit: 258
Instant cryptocurrency exchange with own reserves!
from this case it is really very dangerous to do KYC on an exchange, anything can happen beyond our control, very terrible,
but how can we trade if we don't do kyc on the exchange, even though that's the main part of being able to trade and withdraw funds.
hope that in the future all exchanges can be responsible for existing data
hero member
Activity: 490
Merit: 620
Pizza Maker 2023 | Bitcoinbeer.events
I think it's not so much how willing you are to use a cex but rather how strong your password is whenever you sign up for services that use KYC, and obviously how serious the service you're using is.
Breaking a password is not very difficult, simply giving an example a social network like Facebook will ask for a password with certain requirements (min. 8 characters, must contain a capital letter, at least one number and a special character) now think how much it has narrowed the field of research. A hacker can do a brute force attack and a dictionary already with that information and trust me it often takes 1 week to hack.  So the first source of security is yourself.
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
Identity and documents can be stolen anytime if they are sent for any verification, so I would suggest regular people to stay away from CEX like Coinbase, Binance., etc, or at least be aware of the risks and use them sparingly.

This is very well said, dkbit98! And I hope that my story will help many users to understand how it really feels to live such drama. I also suggest reading a topic written by 1miau, which is complementary to mine: Why KYC is extremely dangerous – and useless (I believe that Sarah Azhari, quoted below, will be very interested in reading 1miau's topic.)



your story worries me, if I already have KYC, what can I do now?

Well, first of all you should inform the ones having your personal information that they do not have your consent anymore for processing your personal information. And according to GDPR, they should agree to delete the information they have about you. However, GDPR is recognized only in Europe, therefore if you will address to a company from the rest of the world, GDPR will be useless. If they won't agree, you will have to sue them.

do they really clean up my database KYC if I did cancel my membership or delete my account?
It mostly depends on who is "they". If "they" are a honest business, they should delete your personal information upon your request. The problem is that you may never know for sure if they did it... Furthermore, in case you gave your personal information for something which has a financial connection, then your data will be deleted in 3-5 years (if they will ever delete it)...

I also do not know how to sue them, because like my experience in past, where the Facebook case "Cambridge Analytic", give my KYC on a third party to a consultant company. Until now I don't know how to sue (1 BTC) Mark Zuckerberg because I've already KYC (taken a picture and sent my ID Card) before.

You have to contact a lawyer from your country. I don't know your country laws, nor who you want to sue... But best advice is this: (1) contact the ones having your personal information and let them know that you don't consent to have your data anymore; (2) wait for their answer; (3) if the answer is positive, you can only hope they will actually delete your data; (4) if their answer is negative or if they don't answer at all, then contact a lawyer. You may never know what may happen with your data. And, as you saw in the story from OP, an identity theft is a living hell...

If you wish, you can keep us posted with what progress you made.
legendary
Activity: 4270
Merit: 4534
Hackers may steal your data. Even the exchanges may sell your data, as it was the case of Coinbase. So we're not talking about a shady exchange from a third world country, but about one of biggest exchanges worldwide. Yet this exchange was caught selling customers' data.
your story worries me, if I already have KYC, what can I do now?, do they really clean up my database KYC if I did cancel my membership or delete my account?.

financial data usually needs to be kept on file for upto 6 years(countries vary) due to tax related stuff and other AML / bank secrecy act policies
UK - https://www.gov.uk/guidance/money-laundering-regulations-your-responsibilities#record-keeping-requirements
Quote
You must keep your records for five years beginning from:
    the date a business relationship ends
    the date a transaction is completed

US - https://www.fincen.gov/sites/default/files/shared/bsa_quickrefguide.pdf
Quote
Keep the record for 5 years from the date of
transaction.
and yes expect exchanges to sell your data. much like expect your bank to sell your data
(banks DEFINITELY sell your data to other commercial businesses if you sign up to accounts that give "cash back offers on purchases" (because thats how they get the cash to give back))

however. be more aware if strangers on de-fi ask for KYC as they are more likely to use your information on dark markets

selling data to other legitimate businesses is less risk then handing id to stranger who can use it on dark markets
hero member
Activity: 868
Merit: 737
Hackers may steal your data. Even the exchanges may sell your data, as it was the case of Coinbase. So we're not talking about a shady exchange from a third world country, but about one of biggest exchanges worldwide. Yet this exchange was caught selling customers' data.
your story worries me, if I already have KYC, what can I do now?, do they really clean up my database KYC if I did cancel my membership or delete my account?. I also do not know how to sue them, because like my experience in past, where the Facebook case "Cambridge Analytic", give my KYC on a third party to a consultant company. Until now I don't know how to sue (1 BTC) Mark Zuckerberg because I've already KYC (taken a picture and sent my ID Card) before.
legendary
Activity: 4270
Merit: 4534
here is the thing
(i am not promoting CEX or denying utility of de-fi. i am being frank and rational about identity theft using observations)

the OP's story is not about identity theft related to a CEX..
the OP admits to this in his first sentance..


here is one thing i have seen happen in the past related to de-fi/localbitcoins(services like craigs list of buyers/sellers with a escrow service included)

when doing private bitcoin-fiat swaps with random strangers.  independently of a central market orderbook

some strangers steal from each other by doing chargeback scams

chargeback scams are where you would buy btc with fiat and then call your bank and claim someone falsely used your account to pay some scammer.. .. thus get a refund on your bank transfer and give the btc seller a red flag. resulting in them having their account closed
(many people had their accounts closed and it gave a bad impression with banks about bitcoin traders)

this then caused many bitcoin sellers to start requesting KYC on these de-fi methods of trading to prove the transactor is the bank account holder to use as evidence that there was no false transfer. thus avoid this drama of accusation

then malicious people using the kyc request ' new norm' experience people had to go through.. started requesting KYC and then selling the data to others on the darknet

and then those identities were used for nefarious purposes

yep
this is why many banks disliked bitcoin traders in the years 2013-16 of localbitcoins
this is why when the kyc stuff started up in 2016+
this is why many users stopped using local bitcoins more recently
this is why localbitcoins closed down even more recently

you will find the 2020 new "de-fi" crap will cycle through the same experience as localbitcoins
scamming for value. KYC to protect traders.. then scamming for identity. then people disliking and losing faith in the latest versions of de-fi
legendary
Activity: 2212
Merit: 7064
So are you still willing to use CEXs?
Not really, but I can understand why many people are still using centralized exchanges a lot, maybe when they are exchanging larger amount of money and they want to buy/sell lot of Bitcoins.
I am all for P2P trading and decentralized exchanges like Bisq, but let's be realistic and say that we can't expect everyone to use DEX especially if they are companies or financial institutions.
Identity and documents can be stolen anytime if they are sent for any verification, so I would suggest regular people to stay away from CEX like Coinbase, Binance., etc, or at least be aware of the risks and use them sparingly.
hero member
Activity: 3038
Merit: 617

The lawyer's suggestion to change his name is the worse idea. Because that would add up again to another suspicion from the police as to why he changed his name.  I think he just has to bring papers every time proving he was cleared of the car and boat theft.

Yep, this could happen to any of us who have submitted all the documents to ICO projects or CEX. Very alarming that if it happens to you in one country, it could also happen to any country you will visit.
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
As much as possible I wanted to avoid using CEX but the problem lies on where I can exchange my cryptocurrency since not many of them are listed on DEX'es and/or don't have liquidity but only on centralized exchanges.

Indeed, not all decentralized exchanges have liquidity. However, you can always search on CoinATMRadar for a cash-in / cash-out crypto ATM in your area. These ATMs are (supposed to be) anonymous, although their fees are not small... As an alternative, you can also try peer-to-peer transfers.

I bet the person's identity information stated by @OP was leaked by other sites and not by centralized exchanges.

Indeed, the subject of OP did not have any connection with crypto. However, as I wrote also inside OP, this is not the point. The main subject is to understand what you may live once your identity is stolen. Then I explained that such thing may happen if you use centralized exchanges.



Wooowww, really sounds scary as shit.  Lips sealed

Indeed...

Is it known where his data and which data was stolen?

No, this information was not published...

I can believe once such data is gathered in DarkNet spaces and combined from other hacks / leaks, it might get pretty dangerous for people which data got leaked. KYC on centralized exchanges is very risky and we should avoid it.
But not limited to KYC, look at how many people were affected from Ledger's hack and received scary letters in their (physical) mailbox at home. And Ledger downplayed these hacks...

Indeed, my dear 1miau. This is why we have to do everything we can to ensure that our personal information remains personal.

In Germany, many banks are even deliberately ignoring BaFin (German SEC) standards and are getting away with it...

Really? I would not expect something like that from a country like Germany... Wow!

Anyways, Mannheim has a veery nice park.  Smiley

Hehe, good to know! Smiley
LDL
hero member
Activity: 742
Merit: 671
The biggest crypto heist in the bitcoin history...

1. Mt.Gox
2. Linode
3. BitFloor
4. Bitfinex
5. Bitgrail
6. Coincheck
7. Kucoin
8. PancakeBunny
9. Poly Network
10. Cream Finance
11. BadgerDAO
12. Bitmart
13. Wormhole
14. Ronin Network
15. Beanstalk
16. Harmony Bridge
17. FTX

All these exchanges have been hacked at various times and have robbed people of billions of dollars. Not only billions of dollars have been stolen but also the information of various customers has been stolen. To all of you, always be careful when using centralized or decentralized exchanges. Your personal information can be stolen at any time.

Full details here: https://cointelegraph.com/explained/the-biggest-crypto-heists-of-all-time
hero member
Activity: 1792
Merit: 534
Leading Crypto Sports Betting & Casino Platform
As much as possible I wanted to avoid using CEX but the problem lies on where I can exchange my cryptocurrency since not many of them are listed on DEX'es and/or don't have liquidity but only on centralized exchanges.  Aside from that database leak is not only on CEX but also on the poor security of the government websites like the one in my country where the official site of the list of voters where breached

I bet the person's identity information stated by @OP was leaked by other sites and not by centralized exchanges.  Though I agree that some exchanges such as Coinbase which is rumored to be selling data to a third-party company.  This article[1] stated that Coinbase is selling geo-location information to ICE.



[1] https://www.coindesk.com/business/2022/06/29/coinbase-is-reportedly-selling-geo-location-data-to-ice/

I limit using CEX to insure my assets. I would like to ask everyone here who doesn't have a bank account, who doesn't have a citizen ID?...and many services in daily life we have to use citizen ID. If we all did it, it means our identity was exposed or sold before we used the centralized exchange. Don't blame CEX when our identity is sold, but many other cases. Apart from bitcoin, everything in this world is centralized, and we are using them every day, from our place of residence, school, and work... they all hold our identity. Our identities have long since ceased to be private.
legendary
Activity: 2226
Merit: 6947
Currently not much available - see my websitelink
Wooowww, really sounds scary as shit.  Lips sealed

Is it known where his data and which data was stolen?

I can believe once such data is gathered in DarkNet spaces and combined from other hacks / leaks, it might get pretty dangerous for people which data got leaked. KYC on centralized exchanges is very risky and we should avoid it.
But not limited to KYC, look at how many people were affected from Ledger's hack and received scary letters in their (physical) mailbox at home. And Ledger downplayed these hacks...


So we're not talking about a shady exchange from a third world country, but about one of biggest exchanges worldwide.
Most often, it's about to save costs. Shady, insecure and often fraudulent verification processes are offered. Computer science experts have warned about it multiple times but nobody listens...
In Germany, many banks are even deliberately ignoring BaFin (German SEC) standards and are getting away with it...

And, as you've said, some centralized exchanged are deliberately selling data to make more profits. Such exchanges engaging in such criminal busines, endangering customers, should face massive legal consequences.


A recent article from Romanian newspaper Adevărul tells the story of C.T. (36 years old), living in Germany for the last 8 years.

While his main job is to be a driver in Mannheim, C.T. also acted as a vlogger and it seems that thieves of personal information became interested about his name.

Anyways, Mannheim has a veery nice park.  Smiley



From Facebook to Google gates and this story as well as other stories, KYC is extremely dangerous - and useless
+1
Pages:
Jump to: