> I'll give you a bitcoin wallet address can you tell me who owns it?

It depends on the address. But assuming the person is using the same address for multiple transactions then the attacker only has to be able to correlate one address with a person (or a person's device if they have access to it).

This could be a completely innocuous transaction, including something as seemingly innocent as signing into a Dapp.

Compare that to a non-blockchain transaction, where if the attacker hacked an random ecommerce site (say a supermarket) that doesn't automatically allow them to tie all records to transactions on the site that is a problem.

> Worse than a credit card? How?

If I buy something at my supermarket with my credit card, even with home delivery AND even if the supermarket kept the credit card number there is nothing tying that transaction to gay.com.