Cyber Incident Victim: Pi Network

Date: Jul 2018

Location: Viet Nam

Summary

A cryptocurrency mining app experienced a significant data leak involving approximately 17GB of personal information reportedly obtained through third-party Know Your Customer verification processes. The exposed data included Vietnamese identity card details, which were subsequently advertised on a hacker forum. A representative from a related community group indicated that while the app's current version no longer supported such identification documents, an earlier iteration had previously accommodated them. The incident highlighted potential vulnerabilities in handling sensitive user data through external service providers.

Description

In July 2018, Pi Network, a cryptocurrency mining application targeting mobile users, became associated with a significant data exposure involving approximately 17GB of personal information. The breach came to light through reports by Vietnamese news outlet VnExpress, which indicated that the leaked data originated from Know Your Customer (KYC) verification processes tied to Pi Network's user base. The compromised dataset was advertised for sale on RaidForums, a prominent online platform frequented by threat actors, on June 28, 2018. While the exact number of affected individuals was not disclosed, the volume of data suggested substantial exposure of sensitive user information typically collected during KYC procedures. The incident timeline indicates the data was likely exfiltrated prior to its appearance on RaidForums, though the specific intrusion vector and timeframe of unauthorized access remained unspecified in available reports.

The leaked information reportedly contained identity verification documents submitted by users, with Vietnamese identity cards specifically implicated in the dataset. Phien Vo, a moderator for a Vietnamese Pi Network community channel, acknowledged the breach but clarified that KYC operations were managed by an unspecified third-party service rather than directly by Pi Network. Vo further noted that while the current version of Pi Network's application did not support Vietnamese identity card verification, an older iteration of the software had previously accommodated such documents. This statement suggested potential historical exposure vectors but did not confirm whether the breach stemmed from Pi Network's systems, its third-party vendor, or a combination of both. The exposure of KYC data created risks of identity theft, financial fraud, and phishing campaigns targeting affected users. No official statement from Pi Network regarding containment measures, forensic findings, or user notifications was detailed in the reported coverage at the time of disclosure.
