As much as this sucks to hear, you’re not going to recover fully from a breach like that. If I understand correctly, most Crypto Firms (exchanges?) demand KYC since there is much regulation occurring in the Cryptocurrency world. The letters to your address are very concerning.
Were I to be you I’d do something similar to the following:
Create a fresh email account from a trusted source like Proton or Tuta
Obtain a custom domain similar to one’s legal name for the following accounts that are already tied to identity (this may be not worth doing if you have restricted access to aliased payments. I know the EU side of things is rough in this regard)
Link the custom domain to the fresh email inbox
Gain access to a quality VoIP provider if available. Use the new custom domain email address for account creation
Import old number into the VoIP provider to control spam and create new numbers as needed for the rest of these accounts
Obtain a new cellular number for your mobile phone. You might need it for certain accounts. Remember the old number is now a VoIP number and you will still receive messages intended for it. No need to alert contacts to a new number unless spam is overwhelming
Switch all banks over to a fresh custom domain alias and telephone number. If the bank rejects VoIP numbers, consider buying a true telephone number and registering to the bank then moving that number to the VoIP provider. Your millage will vary
Move all identity-tied accounts to custom domain email address’s and a variety of VoIP numbers. This can be as many or as few as you want
Freeze your credit (or EU equivalent if it’s different over the pond) to reduce abuse of your SSN. Consider reporting the breach to a relevant authority to consider options for additional security
That will handle the personal accounts and the phone number spam. For everything else:
Use an alias manager (SimpleLogin, AnonAddy, etc) to have unique email address’s across all accounts. Keep this information straight in KeePass or Bitwarden
Obfuscate and delete the accounts you don’t need to keep that contain leaked information. You can always re-create these accounts with new clean aliased information. This requires discretion
Besides this, you can start using false information to confuse spam systems about where you actually live. This isn’t a precise process, but some creativity will get you far. Beyond this, the data removal guides mention above will be a good resource to get yourself sorted on the really obvious sites. I wouldn’t bank on any of these services to clean up everything, but they can’t hurt if the information is already exposed.
Remember that I am a random anonymous account on an obscure forum. You should seek professional advice from relevant sources and you should always make these decisions for yourself.
If so, it’s a great opportunity to go through its list to find and delete any accounts you no longer use. This is one of the biggest advantages of password managers in my opinion, it eventually gives you a list of everywhere you’ve made accounts online that you can periodically check on.
An email aliasing service as mentioned above is also useful for this. The best time to start using both of these tools is a long time ago, but the second best time to start is now.