Mt. Gox User Information Hack

[throwawayid1975]

I was hoping that you guys could help me remember the specific information that Mt Gox requested from its users to create an account (ex. name, email, phone #?, personal address?, etc.), or better yet, could somebody post a screen capture of the first personal information page that users had to fill in?

Mt. Gox was the first exchange that I had looked at when I first started researching Bitcoin. I filled out most of the personal information forms that Mt. Gox requested, but decided not to follow through when they requested my passport, and chose to use Coinbase instead.

Obviously, I’m very thankful that I never traded on Gox (and my heart goes out to those who had their assets trapped), but I am fairly concerned about the new revelations that hackers took Mt. Gox’s user identification information. I’m feeling pretty paranoid (but maybe not enough?), so I’ve already changed my main email’s password (already utilize two-factor authorization), but am not sure what other information I handed to Gox, or if I need to take additional precautions (like changing my main email).

Any guidance on this would be appreciated. Thanks in advance!

P.S. I posted this on the bitcoin reddit too, but haven't heard anything yet, and hoped that you guys could help.

[Sindelar1938]

Address, passport scan, etc

Potentially more concerning is that if they have the transaction logs out of mtgox by customers to external wallets

[bananas]

People can do a lot under your name with that data. If it is proven they have such data it will be scary, one may even be jailed in some foreign country that someone pretended to be you.

[Bonio]

Has it been proved that anyone has actually got that data?

I've seen bits of php code floating around but other than that nothing other than FUD on reddit

[jojo69]

Has it been proved that anyone has actually got that data?

I've seen bits of php code floating around but other than that nothing other than FUD on reddit

well, 1700 lines is more than "bits" of PHP, but no, I have seen no concrete indication that user data is in the wild

[cloverleaf]

did the hackers not say that user data would not be compromised? i believe the attack was mainly targeted at gox directly?

[BitCoinNutJob]

anyone have any advice on what verified goxxers should do?

[Bonio]

I'm not convinced this information has been leaked.

Identity theft protection from some company such as experian isn't a bad thing to have in any case. Other than that if it is proved that your information has been leaked then don't panic, but there isn't a great deal you can do other than get a new passport, change your bank account an consider a facelift

[bananas]

I'm not convinced this information has been leaked.

Identity theft protection from some company such as experian isn't a bad thing to have in any case. Other than that if it is proved that your information has been leaked then don't panic, but there isn't a great deal you can do other than get a new passport, change your bank account an consider a facelift

One may even make a new official passport pretending to be you and then you become the fake yourself.

[itsunderstood]

anyone have any advice on what verified goxxers should do?

As in the main thread, probably if you shovel money toward lawyertown, they might get some results.

However, if it were me, I might just hire a good Private Detective to sniff around locally in Japan and protect the Goxxies data at all costs.  If my BTC and identity were stolen, I'd be pissed x2.  Therefore, play defense, don't wait.

Also tho, you would have one hell of a countersuit against the legality of the gag order under which Gox ran the deposit window in bad faith.  So whomever put the shaddap on Mark K. and all Goxworkers is the party I would seek to sue/identify, assuming I had the money to pay either lawyer or detective.  They ran the show, if it is so.