BitMEX, the world’s largest Bitcoin and crypto derivatives exchange, has released a statement regarding a security breach with email addresses that are linked to their users’ accounts.
Specifically, instead of blind-copying customers on an announcement, BitMEX issued an email to customers that revealed the addresses of the recipients.
According to the announcement, BitMEX apologizes for the error.
“We are aware that some of our users have received a general user update email earlier today, which contained the email addresses of other users.
Our team have acted immediately to contain the issue and we are taking steps to understand the extent of the impact. Rest assured that we are doing everything we can to identify the root cause of the fault and we will be in touch with any users affected by the issue.”
Binance, the world’s leading cryptocurrency exchange, is warning users to change their password immediately if they also have a BitMEX account that uses the same password.
⚠️We are aware of a large-scale user email leak from another exchange.⚠️
If you are one of the affected users and you also have a Binance account under the same email address, we recommend changing your email immediately using the below steps:https://t.co/sgEr5sqleg
— Binance (@binance) November 1, 2019
Reports on social media also confirm that hackers infiltrated BitMEX’s Twitter account, posting tweets that have now been deleted.
The exchange affirms that its users’ funds are safe.
We would like to reassure our users that while the trolls may target our Twitter account, you may rest assured that all funds are safe.
— BitMEX (@BitMEXdotcom) November 1, 2019
Larry Cermak, head of research at The Block, warns that any user who has had their email address compromised should be on the alert for phishing scams.
“There is already a 30k email dump selling on darknet. For any user that was involved in this leak, get ready for constant phishing attempts and emails from competitors. Be careful.”