RJK 4 Posted July 7 9 hours ago, Peponut said: Just put emotions aside and wait for the bloody official statement... There isn't going to be one. They have moved on. It's over. Only the people in this isolated thread that nobody else in the world knows exists, are waiting on "something." Share this post Link to post Share on other sites
crypto2libertas 105 Posted July 8 3 hours ago, RJK said: There isn't going to be one. They have moved on. It's over. Only the people in this isolated thread that nobody else in the world knows exists, are waiting on "something." I think you are right. Gatehub decided that the law is on their site and moved on. Not much media attention anymore and the crypto world will or already has forgotten it Share this post Link to post Share on other sites
Birt Ernie 12 Posted July 8 . I myself learned from my mistakes and carelessness and theirs by purchasing a hard wallet investing in more xrp and apollo currency and waiting for the outcome with a positive attitude. If Gatehub takes the easy way out then we can have meaningful dialogue . 1 Harrryquartz reacted to this Share this post Link to post Share on other sites
jlripple 89 Posted July 8 (edited) 8 hours ago, RJK said: There isn't going to be one. They have moved on. It's over. Only the people in this isolated thread that nobody else in the world knows exists, are waiting on "something." what do you expect them to say? that their security was breached and won't compensate the victims? they already showed their true colors and their unique selling point of safekeeping your ripple wallet is no longer safe. so what kind of value can they provide to their customers now. none. either way they have to make some official announcement, else the hack blog https://gatehub.net/blog/gatehub-update-investigation-continues/ will be there forever with no closure. Edited July 8 by jlripple 2 Harrryquartz and dik reacted to this Share this post Link to post Share on other sites
kanaas 3,581 Posted July 8 Are you a lawyer specialized in EU or UK law? Or just expressing some personal thoughts?With crypto it is a bit more complicated. Holding the keys means holding the funds as well. Its not like just holding car keys. Its like having the keys AND the car in your parking lot AND both under your full responsibility.... 4 dik, Ghobicat, Jillian and 1 other reacted to this Share this post Link to post Share on other sites
mrenne 713 Posted July 8 42 minutes ago, kanaas said: With crypto it is a bit more complicated. Holding the keys means holding the funds as well. Its not like just holding car keys. Its like having the keys AND the car in your parking lot AND both under your full responsibility.... Yes, and sometimes the person responsible to keep the car keys is responsible if the car gets stolen. It just depends on legislation and situation. That's why I asked if the person that came with such a blanket statement was a specialist or not. If not, his answer is quite useless. 3 Harrryquartz, Ghobicat and jlripple reacted to this Share this post Link to post Share on other sites
Personology 32 Posted July 8 Are there no famous youtubers in the crypto space that we can reach out to bring light to the current issue? This is pretty mess up. It’s not just GateHub negligence but also Ripple too with the wallet migration. If Ripple doesn’t want to step in and take responsibility then everyone in the crypto space needs to know what this company is all about. I don’t think any company want to risk bad PR. We need to compile a list of prominent social media figures and reach out to them. We can all pool and donate for their time speaking on the issues. If there whales here who are willing to help with some contributions then that would be awesome. We need to watch each other backs in this community. Otherwise, it’s always the common fools who get screwed. 1 Harrryquartz reacted to this Share this post Link to post Share on other sites
jlripple 89 Posted July 8 23 minutes ago, Personology said: Are there no famous youtubers in the crypto space that we can reach out to bring light to the current issue? This is pretty mess up. It’s not just GateHub negligence but also Ripple too with the wallet migration. If Ripple doesn’t want to step in and take responsibility then everyone in the crypto space needs to know what this company is all about. I don’t think any company want to risk bad PR. We need to compile a list of prominent social media figures and reach out to them. We can all pool and donate for their time speaking on the issues. If there whales here who are willing to help with some contributions then that would be awesome. We need to watch each other backs in this community. Otherwise, it’s always the common fools who get screwed. I think @Silkjaer articles already super bad publicity. Just that we still waiting for them to come out with something. 2 Silkjaer and Harrryquartz reacted to this Share this post Link to post Share on other sites
yxxyun 915 Posted July 8 Just FYI 1 Harrryquartz reacted to this Share this post Link to post Share on other sites
Harrryquartz 72 Posted July 8 (edited) This is the fine that company which had a data breach faces in the the UK where there was no financial harm to its customers, there are still a lot of options open once Gatehub make their next statement stating what they know. Regardless they the ICO will investigate as this is under EU jurisdiction laws as well but it will take time (@Gatehub cannot refuse to cooperate as that means potential further court action by the state regulator against company directors I.e prison if found guilty of any alleged wrongdoing in law ) : British Airways faces a fine of £183m for a data breach in which customers' credit-card data was stolen - but says there is no evidence of harm to passengers. The Information Commissioner's Office (ICO) says it intends to issue the airline with a penalty notice under the Data Protection Act. The proposed penalty is £183.4m, representing 1.5 per cent of BA's worldwide revenue in 2017. In September 2018, British Airways' chairman and chief executive, Alex Cruz, revealed what he called "a very sophisticated, malicious attack". Cyber criminals stole personal and financial information from hundreds of thousands of customers who booked direct with the airline over a two-week spell in August and early September. The Information Commissioner, Elizabeth Denham, said: "People's personal data is just that - personal. "When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That's why the law is clear - when you are entrusted with personal data you must look after it. Those that don't will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights." Mr Cruz (British Airways) said: "We are surprised and disappointed in this initial finding from the ICO Edited July 8 by Harrryquartz 4 tekkillah, Jillian, Silkjaer and 1 other reacted to this Share this post Link to post Share on other sites
codiusrex 859 Posted July 8 3 hours ago, yxxyun said: Just FYI Because she knows he’s dumping XRP to fund the XLM project and line his pockets. He’s not dumping XLM to fund his own XLM project. Ripple is dumping XRP to fund their XRP project. Share this post Link to post Share on other sites
at3n 276 Posted July 8 (edited) 2 hours ago, Harrryquartz said: This is the fine that company which had a data breach faces in the the UK where there was no financial harm to its customers, there are still a lot of options open once Gatehub make their next statement stating what they know. Does anyone know if crypto secret keys, in this context, would be treated as personal data under GDPR? In theory, Gatehub did not keep records of people's secret keys (only encrypted keys, which Gatehub could not decrypt), so it could be argued that an individual could not be identified using only the secret key. I don't think it's the same as credit card data, which will always be linked to an individual's record in a company's database. Also, fines such as the ones above would not be compensation to the victims, that would still need to be pursued separately. In fact, if such a fine was imposed on Gatehub, it would make it even harder for them to compensate... Edited July 8 by at3n Clarification Share this post Link to post Share on other sites
mrenne 713 Posted July 8 2 hours ago, at3n said: In theory, Gatehub did not keep records of people's secret keys (only encrypted keys, which Gatehub could not decrypt), so it could be argued that an individual could not be identified using only the secret key. I don't think it's the same as credit card data, which will always be linked to an individual's record in a company's database. Encrypted personal data is also personal data according to GDPR. Furthermore, wallet addresses can be extracted from secret keys and wallet addresses could be stored together with personal data in KYC files, so it is theoretically possible to link the secret key to the identity of a person. This is a grey area in GDPR, with room for discussion, but there definitely are arguments. 2 Ghobicat and at3n reacted to this Share this post Link to post Share on other sites
Harrryquartz 72 Posted July 8 (edited) 3 hours ago, at3n said: Does anyone know if crypto secret keys, in this context, would be treated as personal data under GDPR? In theory, Gatehub did not keep records of people's secret keys (only encrypted keys, which Gatehub could not decrypt), so it could be argued that an individual could not be identified using only the secret key. I don't think it's the same as credit card data, which will always be linked to an individual's record in a company's database. Also, fines such as the ones above would not be compensation to the victims, that would still need to be pursued separately. In fact, if such a fine was imposed on Gatehub, it would make it even harder for them to compensate... BA was just an example of a hack and decisive action by the regulator. ICO can order compensation as well as issue fines and it relates to all aspects of personal data. Their prime responsibility is protect individuals affected or potentially affected by data breach and not the company. Gatehub have now contacted the ICOas they are registered as tier 1 organisation with ICO...... Registration number:ZA198432 Date registered:05 August 2016 Registration expires:04 August 2020 Payment tier:Tier 1 Data controller:Gatehub Limited Address:88-90 Hatton Garden London EC1N 8PN .............and ActionFraud to report and will be issuing statement via email in the next 7days. Edited July 8 by Harrryquartz Share this post Link to post Share on other sites
at3n 276 Posted July 8 4 hours ago, mrenne said: Encrypted personal data is also personal data according to GDPR. But normally the data controller has a means to decrypt such data. If a controller encrypts the data and throws away the key (hands it off to the user in this case), does that reduce their need for compliance (could it count as anonymised data)? Furthermore, if the encryption is actually done by the client's browser, then the data controller never even knew the encryption key to begin with, and is essentially acting as a cloud storage service for data that was encrypted by the user. If all that was true, and perfectly executed, does that change anything? I guess that in this case it doesn't matter, because whatever protections were in place clearly failed, and not as a result of user error (we can presume). Perhaps I'm showing my ignorance, but the concept is interesting to discuss. 4 hours ago, mrenne said: Furthermore, wallet addresses can be extracted from secret keys and wallet addresses could be stored together with personal data in KYC files, so it is theoretically possible to link the secret key to the identity of a person. This is a grey area in GDPR, with room for discussion, but there definitely are arguments. Good point, maybe that would be enough to get them. 1 Harrryquartz reacted to this Share this post Link to post Share on other sites