BTC Markets privacy breach exposes all customers to potential phishing attacks

Published at: Dec. 2, 2020

Major Australian cryptocurrency exchange BTC Markets accidentally exposed the full name and email addresses of all of its customers in a marketing email sent to each affected individual on Dec. 1.

The emails were sent in batches of 1,000, meaning that each customer was sent the name and email address of 999 other users.

BTC Markets is in the process of reporting the incident to the Office of the Australian Information Commissioner, with Bowler noting the exchange will be “taking guidance from the OAIC” on how to respond to the breach moving forward.

Speaking to Cointelegraph, BTC Markets CEO Caroline Bowler expressed the company’s “heartfelt apologies” for the incident, emphasizing that the exchange’s executives are now working around the clock to minimize the repercussions of the breach and to implement “additional security features” to prevent future information leaks.

Bowler recommended BTC Markets customers to ensure two-factor authentication is enabled to protect their account, and to change the password to their email account.

She also urged users to be wary of unauthorized attempts to access their email accounts and of phishing scams purporting to be from BTC Markets. She recommended users double-check that emails appearing to be from BTC Markets are actually from addresses ending in “@btcmarkets.net.”

Bowler noted that the breach has not impacted the security of the exchange itself, and that no personal data aside from full names and email addresses was leaked through the email.

The promotional email was issued to announce that BTC Markets will list pairings for USDT from Dec. 3, in addition to supporting Flare Network’s Spark token airdrop on Dec. 12.

While BTC Markets will still proceed with the Tether listing and Spark airdrop, Bowler highlighted that the immediate focus of the exchange is on managing the data leak.

It was a case of bad timing for Bowler, who yesterday announced she had joined local industry body Blockchain Australia as a board member.

Tags
Business
Cryptocurrency Exchange
Phishing
Security
Related Posts
Bilaxy exchange suspends website after ERC-20 hot wallet hack
Bilaxy, a lesser-known cryptocurrency exchange, has confirmed a major hacking incident, reporting the losses of funds due to an exploit of the platform’s ERC-20 hot wallet. Bilaxy announced on its Telegram channel that the crypto exchange suffered a “serious hack” on Saturday between 6 pm and 7 pm UTC, resulting in the transfer of 295 different ERC-20 tokens. According to the exchange, the affected tokens were transferred by the hacker to a single address. At the time of writing, the tokens are valued at $170,600, with the most recent transaction sending out 50 Ether (ETH), or about $159,000, on Monday. …
Bitcoin / Aug. 30, 2021
Coincheck Halts Crypto Remittance to Investigate Latest Data Breach
Major Japanese cryptocurrency exchange Coincheck has suffered a data breach involving unauthorized access to the platform’s domain registration service. Coincheck is one of the world’s oldest crypto exchanges. They suffered a $500 million hack in 2018, which is considered to be the biggest crypto theft in history. The exchange has now encountered another apparent attack that could lead to customers’ personal data and emails being leaked, Cointelegraph Japan reports June 2. Deposits and withdrawals operate while remittances are halted Announcing the incident on Tuesday, Coincheck said that the breach had “no impact on the customer's assets” this time. However, Coincheck …
Business / June 3, 2020
Coinbase Custody Obtains Two Major Security Evaluations
The crypto custody arm of major United States-based cryptocurrency exchange Coinbase, Coinbase Custody, obtained two new security evaluations. According to a press release published on Feb. 12, Coinbase Custody was granted a Service Organization Control (SOC) 1 Type 2 and a SOC 2 Type 2 report by major accounting firm Grant Thornton. System Organization Control reports In obtaining the reports, Coinbase Custody is able to prove to clients that they are compliant with a variety of security and reporting standards. According to Grant Thornton’s website, SOC reports are meant to provide information on “the existence and strength of financial, operational …
Business / Feb. 13, 2020
Ledger hardware wallets hit by the FTX earthquake, CTO says
Hardware-based cryptocurrency wallet provider Ledger has experienced some issues due to massive outflows from crypto exchanges amid the FTX bloodbath, according to its chief technology officer. Ledger saw a “massive usage” of their platforms and suffered a “few scalability challenges” on Nov. 9, Ledger CTO Charles Guillemet reported in a statement on Twitter. Guillemet reasoned Ledger’s issues by the outcomes of the ongoing crisis of a major global cryptocurrency exchange, FTX. The CTO said that crypto investors have been increasingly offloading their holdings from crypto exchanges to Ledger, stating: “ After the FTX earthquake, there's a massive outflow from exchanges …
Bitcoin / Nov. 10, 2022
SEC files objection to Binance US bid for Voyager assets
The United States Securities and Exchange Commission (SEC) has objected to Binance.US’ move to acquire over $1 billion of assets belonging to the defunct cryptocurrency lending firm Voyager Digital. According to a Feb. 22 filing submitted to the U.S. Bankruptcy Court in the Southern District of New York, the SEC believes that certain elements of the asset restructuring plan of Binance.US’ acquisition could breach Securities Laws. The SEC is formally investigating whether Binance.US and related debtors violated anti-fraud, registration and other provisions of the federal securities laws. The SEC noted particular concern around the security of assets through the planned …
Regulation / Feb. 23, 2023