Is it too much to expect basic security from MLM underbelly schemes?

From the anonymous owner(s) of Inovatyon, apparently so.

Inovatyon
 launched late last year in Brazil. The scheme sees affiliates pay hundreds of dollars for Invayton affiliate membership, with commissions paid upon recruitment of new affiliates.

Once Inovatyon management figured they’d collected most of the affiliate membership fees they were likely to get, the next step was restricting withdrawal requests.

This saw Inovatyon introduce KYC, wherein thousands of affiliates uploaded highly sensitive identification documents.

Rather than store this information securely however, Inovatyon instead dumped them onto a publicly accessible web-server.

No login, no passwords, no security. Anyone with a web browser had access to the KYC documents of every single Inovatyon affiliate.

The leak was first publicized by Piramidation, a scamwatch blog published in Portuguese, on December 25th.

When you open the link, you see a page that would leave anyone stunned: a huge list comes up with thousands and thousands of documents with personal information of the “franchisees” of Inovatyon!

Thousands of CNHS, identity cards, SSNs, water and electricity bills, birth certificates, work permits, correspondence, professional identities, etc.

Piramidation claim the leak has revealed several well-known Brazilian pyramid scheme regulars to be Inovatyon affiliates. Some of whom had not previously acknowledged their participation.

As at the time of publication, public access to the leaked KYC documents appears to have been revoked. Inovatyon however have not addressed the security leak on either their website or official corporate Facebook page.

Such caches of information are typically a goldmine for identity thieves, with the lack of security surrounding Inovatyon’s KYC documents simply mind-boggling.

Sure it’s funny to joke about scammers getting scammed, but what about those who might have joined innocently?

I suspect as more and more MLM underbelly schemes begin
utilizing KYC as a method of restricting withdrawals
, we’re probably going to see more of these stories surface.

Those participating in such schemes might want to think about just how much they really trust the companies they’re sending KYC documents into.

🤖 Quick Answer

What is Inovatyon and how does it operate?
Inovatyon is a multilevel marketing scheme launched in Brazil that requires affiliates to pay membership fees in exchange for commission opportunities based on recruiting new members. The platform initially operated as a recruitment-based income model.

What security breach occurred at Inovatyon?
Inovatyon stored thousands of Know Your Customer (KYC) documents containing sensitive identification data on a publicly accessible web server without authentication measures, allowing unrestricted access to anyone with internet access.

Why did Inovatyon implement KYC procedures?
The company introduced Know Your Customer requirements after collecting substantial affiliate membership fees, implementing the process to restrict and manage withdrawal requests from members seeking to recover their investments.

🔗 Related Articles

- DigiCoin Markets Review: 7% daily returns Ponzi scheme
- AladdinBOT Review: AI trading bot ruse Ponzi scheme
- Philippines to issue MLM companies with seals of legitimacy
- Axiome Review: AXM token Dubai Ponzi scheme
- B-Epic Review: Mandatory affiliate orders and recruitment commissions