Pi Network

Pi Network operates a cryptocurrency mining application, with its headquarters located in Viet Nam. The platform facilitates user participation in digital currency activities through mobile devices, though specific technical mechanisms or broader service offerings beyond mining are not detailed in the available source material. Its primary market reach and user demographics are not explicitly defined within the provided incident report. The organisation's operational scale, such as user base size, transaction volume, or geographic distribution beyond its Vietnamese headquarters, remains unspecified based on the given context. Ownership structure, potential parent companies, or subsidiary relationships are not mentioned in the known incident details.

A significant security incident involving Pi Network occurred on July 1, 2018. This event involved a substantial data leak reportedly comprising approximately 17 gigabytes of sensitive personal information. The compromised data originated from third-party Know Your Customer verification processes utilized by the organisation. Notably, the leaked information included details from Vietnamese national identity cards. Following the breach, this sensitive personal data was advertised for sale on a hacker forum, significantly increasing the risk of identity theft and fraud for affected individuals. A representative associated with a community group linked to Pi Network acknowledged the incident, clarifying that while the application's version active at the time of the report no longer supported Vietnamese identity cards for verification, an earlier iteration of the app had indeed accepted such documents.

This incident underscores vulnerabilities associated with Pi Network's handling of highly sensitive user data, particularly when relying on external third-party providers for critical verification procedures. The exposure of national identity card details represents a severe compromise of personal information entrusted to the platform. The organisation's acknowledgement regarding the change in supported identification documents highlights an evolution in its verification practices, though the specific security measures implemented before, during, or after the breach to protect user data are not detailed in the source material. The breach serves as a critical point of reference regarding the cybersecurity posture and data protection challenges faced by the organisation in its cryptocurrency operations.