Exchanges seem to be a primary vector of attack to secure private keys of user eWallets and compromise accounts. I know with some exchanges, like coinbase, require, official forms to prove your identity, which is a problem because although hackers will unlikely be able compromise the actual blockchain, they could breach a user database on the exchange and lift identifying credentials or worse. The IRS has already forced coinbase to reveal user identities.
I know there are eWallet to eWallet exchanges that can be made in person without the exchanges, but are the exchanges that are fiat onramps and offramps that do not require you to dox yourself? It seems if your identity credentials could be taken, by hook or by crook or even by a legal court order, there is no guarantee of your identifying credentials being completely safe and I would much rather have my username and password compromised (which I can change) than all my personal details spilled (which I cannot change).
Any ideas on this?