Following last week’s reported hacking of MtGox where a plethora of sensitive information was apparently obtained, the group claiming the hack, led by “nanashi____”, is offering users the privilege of deleting their data in exchange for a fee. They posted their demands on pastebin.com:
“Mt. Gox database sale: steps to remove yourself from dump before sales.
Most around here know we are selling gox customer info. Many have contact us requesting to pay to have their data removed before we sell. We are doing this for a cost of 0.25 BTC per person removed. We have already sold and release 20% of data to 2 buyers, so if you are apart of that it’s too late for you.
We are release the rest of this data to our buyers sometime this week, so after that happens it is too late for everyone who has not been removed already.
ATFX Thanks NHS Frontline Workers with 1k Fruit Boxes DonationGo to article >>
1) Email firstname.lastname@example.org with the email you used with mtgox.
2) I will check file already sold, if you are not part of that I will send you unique bitcoin address. If you don’t get response it means your data has already been sold in first batch or we have finalized sale of all data.
3) After you have sent .25 bitcoin payment, email us again to inform us of this.
4) Thats all, we will delete your personal data and passport scan from all copies of database.
DO NOT email asking to do this for cheaper unless you are doing 10+ accounts at once. Also do not email us asking to confirm what information we have about you. If gox had it, we have it, and as you can read on boards we have confirmed possession of this dump for many people. We let you use our same email for this as all other gox hack communication so you know we are same people. Doing this things will cause us to ignore all further message from you.”
Reddit users are expressing skepticism, noting that if e-mails were really taken they would have been used for sending their message to the users directly.
If true, the relative impunity with which the hackers are able to operate underscores the extent of lawlessness in the crypto world and how powerless victims may be under such circumstances.