It's good that no amount of money is lost, however, the cyber actors where able to harvest "included real name, home address, emails, and encrypted passwords."
And maybe...
We are continuing to investigate whether the malicious actor also obtained access to personal documents provided for KYC such as ID, selfie and proof of address, and will provide an update once the investigation has concluded.
which is really serious. This whole KYC thing has gone out of hand, sooner or later everyone's id, selfie, and address alongside with all his information, mail, and accounts will be available on some darknet market place: buy the DarkPages for Alabama, 40$ for 100 000 entries, complete with selfies and shoe seizes.
The most dangerous and scary part is the "5 dollar wrech attack", since the hackers were able to obtain the real and physical address of the users.
While that is indeed a problem I don't think a bunch of robbers would start going through all that list and try picking victims that traded there, they have no clue of the balances, there is no way for them to know if the user has still bitcoins by the time they enter his house as he might have withdraw everything in fiat and all the money would be in his bank acount. Plus the whole thing is not a robbery anymore it's racketeering and it comes with a 20 yo sentence.
In my opinion, you should be more afraid of robbers if you have 100k Mercedes on your front lawn than 1000
BTC in some exchange.
But still, one should try to avoid as much as he can sending all his info and pictures to some unknown company in a foreign country.