With energy prices rising, switch to a cheaper plan
Compare Prices Now

Seller claims to have 100,000 KYC documents from crypto exchanges, ICOs

Posted: 22 January 2019 3:13 pm
data privacy information breach theft hacker

Are the seller and the anonymous "cybersecurity expert" who broke the story the same person?

An anonymous cybersecurity expert has contacted CCN to alert it to a dark-web advertisement, in which someone claims to be selling 100,000 AML/KYC documents ripped from several exchanges and ICOs, including Bittrex, Poloniex, Bitfinex and Binance.

The ad has reportedly been online since July 2018, with prices from 100 for $10 to $1 per 1,000 with a bulk discount.

If that seems like a strangely low price for a trove of documents, it might be because the information is quite old by now. The documents are thought to have first been released in the first half of 2018, when a third-party KYC solution that was providing services to crypto exchanges and ICOs suffered a breach.

After the news broke, the seller updated their ad with a suggestion that buyers might want to pay them to destroy the documents instead of selling. The seller would "try to start a crowdfunding to delete all the hacked documents" because "if you ever sent a KYC, chances are there [are] also your documents in my dump."


CCN has reportedly verified that the ad exists, but others have cast doubts on the veracity of the seller's information. The anonymous cybersecurity expert reportedly showed CCN three free samples of selfies with people holding a handwritten piece of paper saying "Binance" along with their driver's licences as per its verification procedures, but Binance has responded with a degree of scepticism.

The cybersecurity expert claims to have contacted Binance, but the exchange has noted "some inconsistencies" in the samples shown.

"We're aware of this allegation and have investigated the photos in question, but there is no evidence that the leak is from Binance. We have even seen photoshopped versions of the photos," a Binance spokesperson said later.

It goes without saying, but might as well be said anyway, that the anonymous cybersecurity expert who broke the story to CCN and the seller are the same person. They might have taken this tack simply to advertise their own post, to drum up some interest ahead of their crowdfunding attempt or to see if they can get a bit more money for the now-old documents.

While there's no evidence of these documents being the real thing, it's not impossible and information has been stolen from ICOs and exchanges before.

It's known, for example, that the email addresses of people who participated in the EOS ICO were successfully stolen from Block.one. Participants in the Kik KIN ICO also had their email addresses either stolen or sold and used in a subsequent phishing attempt.

Disclosure: At the time of writing, the author holds ETH.

Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

Latest cryptocurrency news

Picture: Shutterstock

Get into cryptocurrency

Ask an Expert

You are about to post a question on finder.com.au:

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • finder.com.au is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our Terms of Use, Disclaimer & Privacy Policy and Privacy & Cookies Policy.
Go to site