Aleo blockchain has addressed community fears about the recent data leak, calling it a copy-and-paste error.
In an X (formerly Twitter) post, the platform explained the cause of the exposure while quelling the fears of the wider community.
This weekend, Know Your Customer (KYC) information about 10 participants from our recent Aleo Learn & Earn events was mistakenly exposed to other Aleo community members through a copy/paste error in email metadata.
We appreciate everyone’s patience as our team worked to remove…
— Aleo (@AleoHQ) February 26, 2024
The team said the incident was a “copy and paste error” and not a hack by bad actors as feared by some users.
Last weekend, some users’ Know Your Customer (KYC) information was leaked to other members in error, sparking dissatisfaction from users expressed on several social media platforms. According to Aleo’s official statement:
“This weekend, Know Your Customer (KYC) information about 10 participants from our recent Aleo Learn & Earn events was mistakenly exposed to other Aleo community members through a copy/paste error in email metadata.”
Aleo Apologizes for Error
The platform noted that it took steps to remove users’ exposed information and implemented long-term technical control for KYC practices. The firm apologized for the copy-and-paste issue, signaling better community engagement activities.
“To those affected by our mistake, we apologize and hope the changes we’re making will again earn us your trust. We’re grateful to the active and engaged members of the Aleo community for calling attention to this issue.”
Following the X post, crypto users hailed the swift move to address community concerns, with some calling on similar moves by other firms. Other users were delighted this wasn’t another hack on the DeFi sector after last year’s string of bad actor activity.
Last year, the crypto market lost $2 billion to hacks resulting in increased regulations by authorities and calls for solutions through user engagements.
What Happened To User Data?
On Feb 25, Aleo erroneously sent users’ personal information to incorrect email addresses, raising concerns as it focused on privacy-enhancing technology.
The issue was brought to the fore by Emir Soyturk, a developer asking questions about why he got people’s personal information in his email.
“Hey @AleoHq, you just sent me someone’s KYC documents via email (including selfies and ID Card photos). That makes me wonder if I have someone else KYC document, who else have you sent mine to.”
Other users asked why a privacy-first blockchain needed KYC requirements, amongst other issues. The platform focuses on the privacy and security of users, deploying multiple techniques to protect transactions while maintaining efficiency.
In addition, users must pass the United States Foreign Assets Control (OFAC). As a result, users have more control over data and privacy-related issues. The release by the platform on X quelled user fears expressed in the past days.