Skip to main content

Last week, a user called “Mafufi” took to stolen data marketplace RaidForums to offer user and employee data from cryptocurrency exchange Paxful including their “first name, last name, date of birth, gender, address, phone number, email [and] passwords,” in exchange for 1 BTC.

Shortly afterward, Paxful CEO Ray Youssef took to Twitter to clarify that the offered information could not really be for sale.

“Any KYC data is never on our servers. We don’t take asking for people’s identities lightly,” Youssef tweeted. “1 BTC for millions of users? We get this leak spam all the time. Always fake. No user data leaked.”

Youssef went on to write that he was “still confirming if some employee data was leaked from [a] third-party payroll site.”

Nevertheless, the forum post received significant attention from the Bitcoin community, which is particularly adverse to the idea of user data being collected, shared or sold without consent. As a decentralized, middleman-free platform, the ultimate vision for Bitcoin is to enable users to operate pseudonymously and without their private information being recorded or shared. Furthermore, a long history of hacks and scams in the space has led to innumerable funds being lost and potential harm to data hack victims who would be known to hold significant amounts of bitcoin.