BitMEX leaks users’ email addresses; raises privacy concerns
Update: BitMEX released an updated statement on the issue affirming that the root cause for the email addresses leak was discovered. According to the crypto-platform, it was a result of a “software error which has now been addressed.” The platform further advises users to be aware of phishing attempts and to secure their email addresses with strong and unique passwords and 2FA.
One of the largest Bitcoin derivatives platforms in the world, BitMEX, is caught in a fiasco, resulting in the email addresses of many of its users being leaked. This was first discovered by its customers when they could view the email addresses of other users after an email regarding an update was sent to everyone by BitMEX. The mistake, according to many, seems to be that the person in charge of sending the mail listed all the email address in carbon copy [CC], instead of blind carbon copy [BCC].
Jake Chervinsky, a well-known lawyer in the crypto-space, opined on the issue by stating,
“BitMEX just doxxed its users in the most outrageously incompetent way imaginable: forgetting to use blind copy on mass email. Someone must be cleaning out their desk already.“
After this incident started to draw more attention, the cryptocurrency platform released an official statement on their website. The derivatives platform stated that they “are aware” of the mishap and that they have taken all the necessary measures required to gauge the level of damage caused.
“Our team have acted immediately to contain the issue and we are taking steps to understand the extent of the impact. Rest assured that we are doing everything we can to identify the root cause of the fault and we will be in touch with any users affected by the issue.”
Importantly, this leak has resulted in some users and influencers on Twitter recommending others to change their email addresses as soon as possible, while even enabling two-factor authentication considering the possibility that their BitMEX accounts could now be vulnerable.
Crypto Loomdart, a Twitter user, tweeted about the incident and stated,
“looks like bitmex just f****ed up big time….. I’d reccomend people change their bitmex account email addresses, (atleast ensure you have 2fa enabled and change the password, your email address is now compromised and hackers may use databases and similar passwords to hack)”
Leading exchange platforms have also raised concerns over this leak by releasing their own statement on the issue.OKEx, a leading cryptocurrency exchange, also released a statement on its Twitter handle and requested users using the same email ID for both exchanges to change it immediately. The exchange said,
“If you are affected and have an OKEx account with the same email login, we recommend that you change your email for security reasons. Email change requests will be prioritized during this time.”