Ton has suffered a major data breach, undermining trust in the ecosystem. Over 2.7 million records leaked online. Ghost’s TG channel investigation revealed the scale (and is still up). Usernames, IDs, and wallets of top managers and 80-90% of the TON blockchain are exposed.

December 30, 2024

Summary:

Full names + username + job titles + Telegram IDs + wallets of Ton’s top management have leaked. The database contains ~2000 entries.
username + Telegram ID + full names + wallets of 80-90% of the entire TON blockchain – which also happens to be Telegram users – have leaked. Currently, 2.7 million entries are out there. In reality, the number is higher. There are, of course, many bots.

With simple OSINT techniques, all leaked usernames and IDs can be traced to personal data.

To summarize:
💢 Linking IDs and Wallets
A core principle of cypherpunk ideology is the absence of identity attachment to assets. But here we see a direct connection: usernames (clearly from Telegram), IDs, and wallets. This kills user anonymity, making them potential targets. What prevents someone from linking this data to real identities? Nothing.

💢 Centralized Data Control
The cardinal sin of decentralization – storing sensitive data in centralized databases. This is what happens when someone decides it’s “more convenient.” One leak, and the entire “security” crumbles, followed by the reputation. Cypherpunks are shaking their heads.

💢 Unjustified Data Collection
Why store such data at all? Especially in a format where usernames are directly linked to IDs and wallets. In decentralized systems, collecting such data contradicts the entire idea.

💢 No Failure Protection
Where’s the hashing? Data masking? Even if this database was for internal use, at the very least, the data could have been masked to prevent direct correlation.

Consequences:
💢 User De-anonymization
If someone links their crypto wallet to an account tied to real data (like a Telegram username), all their financial activity becomes public knowledge. From there, it’s easy to dig deeper – a bit of OSINT, and even personal addresses could be uncovered.

💢 Target for Attacks
Users whose data is in this database become potential victims. Phishing, social engineering, account takeovers – the scenarios are endless.

💢 Loss of Trust in the Platform
If this involves a service that advertised security or privacy, this leak destroys its entire reputation. The cypherpunk community doesn’t forgive such mistakes.

submitted by /u/XGramatik
[link] [comments]

Make a post in our subreddit XGramatikInsights, and your thoughts will appear here!

Share the Post:

Give Biden his due, he has been one of the best presidents of our time

submitted by /u/Burlekchek [link] [comments]

The most important category in this chart is „Other“. It’s mainly rare earths. Don’t take Trump’s approach to Greenland too lightly, it would solve some strategic problems for the US.

submitted by /u/Pllover12 [link] [comments]

Ton has suffered a major data breach, undermining trust in the ecosystem. Over 2.7 million records leaked online. Ghost’s TG channel investigation revealed the scale (and is still up). Usernames, IDs, and wallets of top managers and 80-90% of the TON blockchain are exposed.

Related Posts

Give Biden his due, he has been one of the best presidents of our time

The most important category in this chart is „Other“. It’s mainly rare earths. Don’t take Trump’s approach to Greenland too lightly, it would solve some strategic problems for the US.