Personal Data Leaks In Crypto Are Inevitable, Here’s What Can Be Done

Simon Chandler

The best cryptoassets and their blockchains, such as Bitcoin (BTC) or Ethereum (ETH), are mostly robust against potential attacks, but the wider crypto ecosystem is dependent on much of the web infrastructure that defines legacy systems.


This point came to the fore in July’s Ledger database leak, in which the wallet manufacturer’s ecommerce database was hacked for one million customer emails and more.

However, security experts speaking to Cryptonews.com affirmed that much can be done by the industry and individuals to reduce the scope for breaches. They also affirmed that the likeliest attacks, such as the Ledger breach, are the ones least likely to steal actual private key or wallet info, which is what criminals would need to steal your crypto.

Personal data and private keys

There are two main kinds of potential leak or attack in crypto, as explained to Cryptonews.com by wallet recovery expert Dave Bitcoin.

“There is a significant difference between leaks of personal data (email address, name, date of birth, etc.) and leaks of private keys,” he said.

“If a crypto company leaks only personal data, then it is no worse than any leak in the non-crypto space – not good, but unlikely to lead to a loss of crypto funds.”

Conversely, Dave Bitcoin also warned that if a company leaks private keys or recovery phrases, crypto funds can be stolen with very little effort. “Even if the key information is encrypted with passphrases set by the customer, it is quite likely that some passphrases will be guessed, either because they are weak, in existing password lists, or derivable from the customer’s other private information.”

An example of this latter, more serious type of breach is provided by a flaw affecting Coinomi desktop wallets that was discovered in 2019. It’s also evident in a variety of rogue browser extensions and malware, which can access a user’s private key when a hardware wallet is used.

Dave Bitcoin also warned of an intermediate third category.

“These involve leaks which reveal the identity of address owners,” he said.

“For example, if a company leaked a list of customers and blockchain addresses the customer sent cryptocurrency to (for example to exchange, or to pay for goods or services), then the public transaction ledger can be used to track down other transactions by the same customer.”

As he added, this kind of breach potentially exposes the holdings and dealings of a customer and may increase the risk of them being targeted.

What can be done

Developer Daniel Ternyak said that there are a variety of things individuals can do to reduce their exposure to leaks.

“Cryptocurrency investors should make every attempt possible to maintain strong OPSEC [operational security],” he told Cryptonews.com.

“Although it’s difficult to stay constantly vigilant, investors should scrutinize each instance when they’re asking to provide personally identifiable information that can be tied to their ownership of crypto assets.”

In recommending operational security, Ternyak advised individuals to consider their own security from the perspective of a potential hacker. That way, they can more easily pinpoint weak spots and vulnerabilities in how they handle their crypto.

“Even when users are using a hardware wallet, the ‘$5 wrench attack’ is still effective for gaining access to funds,” he added, indicating that users even need to consider their own physical security and exposure.

Dave Bitcoin suggested that the biggest security decision for individual users involves the choice of their crypto wallet.

“Individual users should consider whether a custodial or non-custodial wallet is right for them, and carefully evaluate any non-custodial wallet provider for security practices,” he said. “Which is admittedly hard to do unless the company provides an independent security audit to support their claims.”

As for companies, Marek “Slush” Palatinus, CEO of SatoshiLabs, the manufacturer of the Trezor hardware wallet, advised firms to hold only absolutely necessary personal info, and in as limited a way as possible. The company claims that it purges orders from its e-shop database after 90 days.

“The responsibility of each company should be to limit the impact of such data breaches on their clients; ideally, the amount of collected data should be as small as possible, held for as short a time period as possible,” the CEO told Cryptonews.com.
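A retention job of the kind described above, as an added example that is not taken from the article or from any vendor's code: it deletes orders older than a 90-day window from a hypothetical `orders` table in SQLite. The schema, function names and sample rows are assumptions constructed for illustration.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

RETENTION_DAYS = 90  # retention window mentioned in the article


def open_shop_db(path=":memory:"):
    """Create the hypothetical e-shop schema (assumed, not any vendor's real one)."""
    db = sqlite3.connect(path)
    # Overwrite deleted rows with zeros so purged PII does not linger in free pages.
    db.execute("PRAGMA secure_delete = ON")
    db.execute(
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, email TEXT, name TEXT,"
        " address TEXT, placed_at TEXT NOT NULL)"
    )
    return db


def purge_expired_orders(db, now=None, retention_days=RETENTION_DAYS):
    """Delete orders older than the retention window; return how many were removed."""
    now = now or datetime.now(timezone.utc)
    # Timestamps are stored as UTC ISO-8601 text, so string comparison is chronological.
    cutoff = (now - timedelta(days=retention_days)).isoformat()
    with db:  # commit on success, roll back on error
        cur = db.execute("DELETE FROM orders WHERE placed_at < ?", (cutoff,))
    return cur.rowcount


def demo():
    """Run the purge over constructed sample orders; return (purged, remaining emails)."""
    now = datetime(2020, 12, 1, tzinfo=timezone.utc)
    db = open_shop_db()
    rows = [  # constructed sample data
        ("old@example.com", "A. Old", "1 Old St", now - timedelta(days=200)),
        ("edge@example.com", "B. Edge", "2 Edge Rd", now - timedelta(days=90)),
        ("new@example.com", "C. New", "3 New Ave", now - timedelta(days=5)),
    ]
    db.executemany(
        "INSERT INTO orders (email, name, address, placed_at) VALUES (?, ?, ?, ?)",
        [(e, n, a, t.isoformat()) for e, n, a, t in rows],
    )
    purged = purge_expired_orders(db, now=now)
    remaining = [r[0] for r in db.execute("SELECT email FROM orders ORDER BY id")]
    return purged, remaining


if __name__ == "__main__":
    print(demo())
```

Deleting rows from the live table does not remove copies held in backups, replicas or exported logs, which need their own expiry for the retention window to hold.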

Palatinus also advocates for greater privacy, so that consumers can make more informed choices.

“The industry should take customers’ privacy seriously and openly inform them what kind of data is being collected and how it is being treated afterward,” he suggested. “Far too often there is a data leak that could have been prevented by just taking better care of it.”

Inevitability

Such steps may reduce the frequency of data breaches. But given that most data breaches affect non-crypto-based systems (such as Ledger’s ecommerce database), they’re likely to remain inevitable to an extent.

Dave Bitcoin said, “Security strategies continue to evolve — one example being the requirement to encrypt all data in transit and at rest (for example in a database or file store). But there is always a means to decrypt the data, so these schemes can be broken if the keys are exposed and the data stores accessed.”

Dave predicted that companies will eventually stop storing personal data indefinitely, which will limit data breaches as far as possible. Of course, crypto holders will always have to take their own personal security as seriously as possible.