A darknet vendor is attempting to sell 100,000 know-your-customer (KYC) documents supposedly stolen from major exchanges including Binance, Bitfinex, Bittrex, and Poloniex.
The vendor, who posts on the darknet forum ‘Dread’ under the ‘ExploitDot’ moniker, claims to have obtained details from a security breach of a third-party KYC solution provider.
Among the data available for sale is “selfies of customers,” along with “scanned documents” and “proof of address.”
The documents were listed for $10 per 100 documents, which means the entire catalogue of illicitly sourced data would sell for $10,000.
The user later added a new post stating that they would be willing to delete all of the documents if the community raised funds via a crowdfunding exchange.
ExploitDot wrote: “Should I try to start a crowdfunding in exchange to delete all the hacked documents? This is crypto related, if you ever sent a KYC chances are there is also your documents in my dump.”
He/she added: “None of the documents are sold to Terrorists or to people that would use the documents to fraud or steal from the users. My goal is to reach an amount that helps me work on my legit business with my ideas that could change the world, or I will simply die trying. Thanks for your time, I’m really interested in your opinion.”
The alleged data breach demonstrates the fragility of exchanges and their security procedures. If the data turns out to be genuine, it could steer cryptocurrency advocates away from regulated exchanges and towards decentralised exchanges, which don’t typically require identity verification.
The user went on to mention that the exchanges in question are “completely denying” that information was breached, although “there is clearly docs with ‘Binance’, ‘Poloniex’ and such written on the paper.”
Binance has shown a transparent approach when it comes to security. The exchange’s CEO, Changpeng Zhao, recently confirmed that funds sent to Binance from the Cryptopia hack had been “frozen.”
For more cryptocurrency news, guides, and analysis, click here.