Cryptocurrency exchange BitMEX has exposed the email addresses of 23,000 customers after sending out an email with the recipients’ addresses in the cc: field.

The email addresses were exposed when the exchange sent out its weekly newsletter, immediately causing concern among its users given that the addresses could be targeted by malicious actors.

BitMEX confirmed the data breach, saying in a statement Friday that it was aware that some of its users had received a general user update email that contained the email addresses of other users.

“Our team have acted immediately to contain the issue and we are taking steps to understand the extent of the impact,” the statement adds. “Rest assured that we are doing everything we can to identify the root cause of the fault and we will be in touch with any users affected by the issue.”

The exposure of the emails opens up anyone on the list to spam, phishing attempts and, although it didn’t include passwords, attempts to obtain access to their accounts.

The use of common passwords is one obvious door to access. Hackers can match email addresses leaked by BitMEX to lists of previously hacked credentials, then attempt to use the passwords they identify to gain access to BitMEX accounts.

Phishing attempts are a real risk given that the BitMEX leak confirms that the email addresses belong to BitMEX users.

The timing isn’t great for BitMEX. It’s under investigation by the U.S. Commodity Futures Trading Commission for providing services to U.S. citizens while not licensed to do so. According to Larry Cermak, director of research at The Block, some of the leaked emails include those from the U.S.

Dovey Wan, the co-founder of Primitive Crypto, noted that it may expose those on the list to attention from the U.S. Internal Revenue Service as well.

There is very little users can do other than to make sure they’re not using the same password across multiple sites, starting with BitMEX itself.

Image: Marco Verch/Flickr
