BitMEX Investigating ‘Extent of Impact’ After Mass Email Leak

Published at: Nov. 1, 2019

Crypto derivatives exchange BitMEX has accidentally leaked user emails by forgetting to use blind copy (bcc) on a mass email. 

The incident was acknowledged by BitMEX in an official statement published today, Nov. 1. Cointelegraph’s editorial team in Japan have independently revealed that a staff member was the recipient of the BitMEx newsletter in question.

“Outrageously incompetent”

In a tweet posted on Nov. 1, crypto-focused lawyer Jake Chervinsky characterized BitMEX’s accidental public sharing of user email data as a simple error committed in the “outrageously incompetent way imaginable.”

Concerned community members have pointed out that the leak makes BitMEX account holders vulnerable targets to potential hackers, with the data serving as a “puzzle piece” for attackers. 

Some voiced their concern that the nature of the error could mean that each email includes just a section of the total leaked data: “while most people received about 1,000 [other user emails] per email — they dumped their *entire* user database.” 

On Twitter, user “kevin mcsheehan” outlined the risks, including the potential for:

“all email addresses x-referenced w/ public breaches to associate universal passwords. from there attackers will use xx,xxx proxies to try to break into email inboxes, exchange accounts, github, dropbox, etc.”

“The privacy of our users is a top priority”

In its statement, BitMEX has written:

“Our team have acted immediately to contain the issue and we are taking steps to understand the extent of the impact. Rest assured that we are doing everything we can to identify the root cause of the fault and we will be in touch with any users affected by the issue.”

“The privacy of our users is a top priority,” the exchange added.

Following news of the leak, Binance crypto exchange advised all affected BitMEX users who also hold an account on Binance to change their Binance account email immediately.

Earlier today, BitMEX revealed plans to implement major changes to the weights of its cryptocurrency price indices later this month.

Cointelegraph has not received a response from BitMEX regarding the scope of the leak by press time.

Tags
Related Posts
BitMEX on User Info Leak: No Data Was Disclosed Beyond Emails
BitMEX, the biggest crypto exchange by trade volume to date, says that no other data except email addresses has been disclosed in a recent email leak. “At no point were any of our core systems at risk” After the first reports on the accident on Nov. 1, BitMEX released an official statement on the issue Nov. 4, emphasizing that no personal or account information has been disclosed beyond email addresses. Apologizing for the concern caused by the leak, the exchange added that none of BitMEX’s core systems were at risk at any point. BitMEX has not sent mass emails since …
Bitcoin / Nov. 4, 2019
Website Compiles List of KYC-Free Exchanges, Along With Some Warnings
A new website seeking to compile an active list of every cryptocurrency exchange that welcomes traders in some capacity without forcing them to hand over personal information through know-your-customer, or KYC, verification. Kycnot.me is only concerned with exchanges that support Bitcoin (BTC) or Monero (XMR), asserting that BTC is the largest crypto asset with the most adoption and XMR offers the strongest privacy protections. Website tracks KYC-free crypto exchanges The website currently lists 14 KYC-free trading platforms, many of which offer a peer-to-peer marketplace for crypto assets. However, the site has listed warnings concerning more than half of the exchanges …
Bitcoin / June 13, 2020
BitMEX Cryptocurrency Exchange Holds 0.18% of All Bitcoins in Circulation
BitMEX, the world’s largest cryptocurrency exchange by daily trading volume to date, now holds 0.18% of all Bitcoins (BTC) in circulation. In a Dec. 26 tweet, James Lopp, CTO at New York-based crypto custody startup Casa, also pointed out that BitMEX’s dedicated insurance fund has surged 62% in 2019. BitMEX holds 33,449 Bitcoins out the 18.1 million mined to date According to daily historical records of BitMEX Insurance Fund, the balance of the fund has grown from 20,776 BTC on Jan. 1, 2019 to 33,449 BTC on Dec. 26, worth around $239 million at press time. As such, the world’s …
Bitcoin / Dec. 27, 2019
Cryptocurrency Exchange BitMEX Enables Native SegWit Support
Cryptocurrency exchange BitMEX added support for native segregated witness (SegWit) addresses for Bitcoin (BTC) withdrawals, which lets users pay lower transaction fees. According to an announcement on Dec. 12, BitMEX now allows its users to withdraw Bitcoin to Bech32 addresses, the one that natively supports the segregated witness standard. Bitcoin address formats As the announcement explains, the Bitcoin network currently supports three address formats. The first one — Bitcoin’s original address format — is pay to public key hash (P2PKH), which starts with a 1. The second format is the pay to script hash (P2SH), which allows users to send …
Blockchain / Dec. 12, 2019
BitMEX and Hong-Kong Listed Wine Firm Plan Joint Foray Into New Japanese Crypto Exchange
Crypto exchange BitMEX and a fine French wine retailer are reportedly partnering to acquire a majority stake of licensed — but as yet inactive — Japanese crypto exchange BitOcean. Cointelegraph Japan reported on the potential partnership on Dec. 21. Madison Holdings Group, which is currently listed on the Growth Enterprise Market (GEM) of the Hong Kong Stock Exchange, reportedly plans to acquire a 62.7 percent stake of BitOcean for 1.68 billion yen ($15.12 million) — paid to existing third-party stakeholders — in addition to a further $15 million in extra fees. The deal, as yet incomplete, is reportedly to be …
Bitcoin / Dec. 26, 2018