Media Uncover Sale of Bitcoin Conference Attendee Data

The publication Cointelegraph has obtained samples of datasets containing confidential information about participants of several crypto conferences.

According to the media, the information was initially collected through event registration forms. It includes full names, phone numbers, nationalities, job titles and companies, as well as links to personal social media, cryptocurrency wallet addresses, and notes for organizers.

Subsequently, the compiled spreadsheets are sold under the guise of “marketing, promotion, and client acquisition.” The samples reviewed by journalists were collected at events held in the autumn of 2024 in Southeast Asia and India. Other lists that surfaced online are allegedly linked to major industry events, including Blockchain Fest and Devcon.

“The fact that one seller has access to lists from several countries indicates that this is not an isolated incident but an organized international trade in blockchain event attendee data,” the publication noted.

One of the lists included 1,700 participants from the November AIBC conference and was initially priced at $4,000, later reduced to $650.

Journalists spoke with a reseller who attempted to justify the sale by claiming it was “not confidential information” and “most people are open to such marketing.” The seller and data compiler are reportedly Russian speakers.

AIBC founder Eman Pulis assured the publication that the event enforces “very strict protocols against data leaks” and many such databases are fraudulent.

Cointelegraph was unable to determine the origin of the lists but believes that conference organizers are not involved in the data trade. Nonetheless, the situation is concerning due to the potential use of confidential information by malicious actors for phishing and other attacks.

In October, cryptocurrency payment provider Transak confirmed partial third-party access to data of 92,554 users (1.14% of the total database). The company claims that financially sensitive or critically important information was not compromised.