Sensitive information from cryptocurrency industry events is being sold online, creating a potential goldmine for scammers and cybercriminals.
Crypto media company Cointelegraph has obtained samples of participant data, including full names, contact details, social media links and even crypto wallet addresses – raising alarms about possible phishing campaigns.
What is included in the data?
The leaked lists, marketed as “marketing and customer outreach” tools, contain confidential details such as:
- Full names and phone numbers
- Job titles and company affiliations
- Social media profiles, including follower counts
- Ticket purchase details, operating systems used and registration timestamps
- Crypto wallet addresses
- Personal messages sent to event organizers
Some lists even contain Telegram handles, adding another layer of vulnerability to participants.
This data is often collected through registration forms for conferences or side events. Platforms such as lu.ma, which are used to issue tickets, sometimes request links to participants’ social media accounts, which could explain how this data is aggregated.
International trade in participant data
Cointelegraph allegedly viewed lists of multiple crypto eventsheld primarily in Southeast Asia and India, at the end of 2024. A seller provided samples of four lists, each containing 60-100 names, claiming to have dates from various events.
The scale and scope of the leaks suggest that this is not an isolated incident, but rather part of a larger international trade in blockchain data from event participants.
High-value targets
One notable data set included 1,700 attendees at the November 2024 AIBC conference in Malta, initially priced at…
