Last week, hackers released a variety of potentially damaging internal Mt.Gox databases as well as a wallet-stealing virus disguised as a search tool. The hackers also claimed to have over 20 GB of Mt.Gox user data which they planned to sell “one or two times to make up personal loses from gox closure” for 100 BTC (roughly $62,000).
The hackers, using the name “nanashi” (“nameless” or “anonymous” in Japanese) claim that the database included a wealth of personal details from Mt.Gox users, including bank data and passport scans.
Today, hackers using the nanashi handle offered to remove user information before selling the data dump for 0.25 BTC per person (about $150). The hackers noted that they’ve already released 20% of the data to two buyers, and that it’s “too late” for those users.
While it’s not clear that the hackers actually do have these accounts, the previous releases make it at least a plausible risk. Even if they do have access to such data, there’s no guarantee that user accounts will be deleted before the sale, or that future extortion attempts won’t take place. IRC channels have been ablaze with discussion about the blackmail attempt, and Reddit users and other forums have held spirited discussions about the best way to respond.