It sounds ironic, but a few years ago I read about cases in my country that were strange to say the least. In the first, the owner caught a thief breaking into the house, the thief ran away and broke his leg, then sued the owner for the injury. In another case, a thief tried to attack the owner in his garage, he called for help and someone reported him for disturbing public order and peace.
I wonder how twisted the laws can be when they treat thieves and thugs better than their victims.
As you mentioned, the Ledger leak was 5y ago and to this day, customers are still being targeted by criminals attempting to defraud them. A recent example of this is
phishing letters being delivered to customers' addresses to try to obtain the victims' funds. In the face of leaks like this, customers can become easy targets for future social engineering attempts and eventually fall for these scams, as well as face-to-face attacks (kidnappings, $5 wrench attacks), since the brokerage leaked the addresses of its victims. That said, despite the convenience of exchanges, the tip is to avoid buying bitcoin/crypto from CEX exchanges that require KYC whenever possible, buy from exchanges that require less KYC and, preferably, opt for DEX like Bisq...
While governments are pressuring custody companies to require KYC from their customers,
we don't know how companies handle this data, who has access, or what contingency plans they have in case of attacks like this...
- malicious employees can take advantage of the situation or leak customer data through carelessness.
- the weakest link is the customers themselves and they become easy targets after a leak, and can suffer extortion, fraud attempts, cloning and even physical attacks! - Neither companies nor governments guarantee the correct storage of sensitive data and many more reasons that I could mention...
Summary: the EUA and EU governments are a joke and do [n't care about the consequences of excessive KYC, and they are [n't ready to solve the problems mentioned by me and everyone else in this thread. In the end, the state only manages to make things worse than they could have been if they didn't interfere.
At the moment I can only think of Bisq (No KYC) as an alternative, but it's challenging at the moment due to low liquidity and the spread can be more expensive than CEX and a slightly more challenging learning curve.
However, to obtain greater autonomy and privacy to trade Bitcoin it's better to start using DEXs while there's still not enough adoption. More decentralized exchange services and P2P platforms (so far, this is the best site I've found that lists such services):
https://bitmixlist.org/