Crypto miners involved in dubious crypto startup Green say they’re easier targets for hackers, after their personal data was unintentionally leaked by the Securities and Exchange Commission (SEC).
The commission, which has increasingly enforced regulations on crypto firms as industry scandals continue to erupt, reportedly leaked 650 names and emails of Green users earlier this month.
The SEC has been investigating Green for years. It reached out to users in order to learn their experience with the firm. Members cooperated, but an employee “failed to bcc all 650 users in an email,” according to screenshots seen by the Washington Examiner.
By doing so, the commission appears to have violated the Privacy Act of 1974. Its own website states clearly that the personal data of those involved in SEC investigations are protected.
“Protecting the privacy of all parties is critically important, and the SEC is looking into this matter,” a spokesperson for the SEC told the Washington Examiner.
Green raises red flags
While it’s unclear what the SEC is hoping to determine, several warning signs appear when examining Green’s online presence. Its website contains little information regarding the team behind the company, operates under the radar, and promises high returns with almost no risk.
Green claims to be the “largest, public global decentralised power grid in the world” and urges the public to “set power free” on its blockchain. According to its website, step one in achieving this goal is to buy Green nodes to mine a crypto token called GREEN. In exchange for allowing the nodes to “run quietly in the background,” you earn digital GREEN rewards.
At the top of the website’s FAQ page, the company makes sure to immediately clear up that “GREEN is a digital reward and not a security token.” It says tokens aren’t being offered to investors and it won’t run an ICO. Miners will earn rewards that are deposited daily into their accounts.
By running the blockchain, Green claims that it “may have the potential to effectively subsidise the cost of power.”
Green’s Discord channel was private at the time of writing. Green’s Twitter account posts around once a week, solely to announce the next ‘Green Community Update Call.’ These are held every couple of months via Zoom.
Green has disabled the ability to purchase GREEN from its website at the time of writing. Three paragraphs of disclaimers can be found if one scrolls all the way to the bottom of its homepage: “This content may contain forward-looking statements that involve substantial risks and uncertainties,” it begins. Green goes on to make clear that it doesn’t plan to inform the public if these forward-looking statements get revised or updated.
“We do not plan to update or revise publicly any forward-looking statements except as required by law.”
What this means for the SEC and Green users
While it’s unclear how many people have purchased Green tokens and currently mine them on the blockchain, 650 names and emails of community members have been leaked by the SEC, in direct violation of the Privacy Act of 1974.
It remains to be seen what repercussions this may have for the SEC and for the users themselves, especially if the results of the investigation reveal these users are actually victims of a crypto scam. Some miners are concerned that the SEC leak leaves them more vulnerable to attack, since crypto hackers are known to illegally obtain customer information from companies and target the computers of miners. As of Tuesday, no hacks had been reported.
However, the SEC’s failure has riled up some in the crypto community, which enjoys a contentious relationship with the SEC — particularly in relation to its ongoing trial with Ripple. In reply to an unrelated tweet by SEC chairman Gary Gensler, one twitter user shared a link to the Washington Examiner’s article on the leak, followed by the words, “Try making sure your own agency is competent.”