Pi Network, a cryptocurrency mining app for mobile users, may have been connected to 17GB worth of personal data leaks, a Vietnamese news outlet reported on Monday.
The treasure trove of personal data was apparently taken from the Know Your Customer checks of users of Pi Network, according to the person who posted it to hacker hangout RaidForums on Thursday.
The identity cards of an estimated 10,000 Vietnamese citizens were placed for sale, along with connected home addresses, phone numbers and email addresses. The seller placed a price tag of $9,000 on the data, payable in either Bitcoin (BTC) or Litecoin (LTC).
Phien Vo, a moderator of a Vietnamese Pi Network group chat channel, told VnExpress that Pi Network’s KYC checks are performed by a third party, adding that Vietnamese identity cards like those in question aren’t compatible with the app. However, Vo did indicate that an older version of the app was compatible with the cards at one point.
Vietnam’s Ministry of Public Security’s cybersecurity division has since launched an investigation into the matter.
An independent investigation into Pi Network’s perceived value was recently conducted by Cem Dilmegani, a tech entrepreneur and founder of AIMultiple. Written weeks prior to the recent data leak, the review concluded that Pi Network bore the hallmarks of a multilevel marketing scheme, or an affiliate marketing program.
The Pi app reportedly demands users log in every day and click a button to receive their PI coins. No blockchain consensus algorithm, like proof-of-work or proof-of-stake, is used in the app, and users can gain increased mining rates by referring other people. The PI token is not yet traded on exchanges and has no dollar value.
The app reportedly sells data for advertising revenue from the moment its usage begins. Given that ad space can sell for a higher value with personal user info included, many have been led to speculate that the Pi app is designed only to siphon personally identifying information from its users.