Craig Grant and others were targeted or so they say. When Bitconnect was paying out massive amounts of money a day to certain individuals don't you think hackers wanted those accounts BADLY?

The problem with KYC/AML is the Tezos Foundation isn't offering account recovery if hacked. They aren't offering any security or protection but are demanding the wrong kind of information which if it got into the wrong hands would jeopardize security.

Steem offers account recovery for example which is in my opinion the very minimum to offer in exchange for identity. If you know who owns an account due to KYC then if that account gets hacked or they lose their private key you can recover it.