BitMEX makes a huge mistake with user data

The established cryptocurrency exchange BitMEX made a rookie mistake last week and it could potentially put all of its users at risk. With the click of a single button, email addresses of thousands of its users were exposed recently. Adding insult to injury, its Twitter account was hijacked a short time later. If it can’t even protect something as simple as user data or its Twitter security, it’s difficult to place confidence in its ability to protect users’ money.

Apparently, according to BitMEX, a “bug” in the system caused the leak. However, some sources have said that it happened after someone was composing an email and inadvertently selected all users’ email addresses to be included. The exchange indicates that the problem, whatever it was, has been “identified and fixed.”

It added in a statement on its website, “We are aware that some of our users have received a general user update email earlier today, which contained the email addresses of other users.”

Our team have acted immediately to contain the issue and we are taking steps to understand the extent of the impact. Rest assured that we are doing everything we can to identify the root cause of the fault and we will be in touch with any users affected by the issue.

The privacy of our users is a top priority and we are very sorry for the concern this has caused to our users.

This latest incident won’t help to instill confidence in its ability to function properly and legally. BitMEX is already under investigation by the U.S. Commodity Futures Trading Commission (CFTC) for offering its products to U.S.-based users without an official registration. It has also been caught up in the scandal surrounding Crypto Capital, whose president was just arrested on money-laundering charges. Crypto Capital is a former business partner of BitMEX, as well as of Bittrex and Binance.

This latest embarrassment wasn’t received well by the crypto community and could bode an ominous demise for the exchange. States Jake Chervinsky, the general counsel for Compound Finance, on Twitter, “[This] kind of thing is a *massive* privacy breach with potentially serious consequences — the last thing a derivatives exchange needs to deal with during a CFTC investigation.”

A little after the news started making its rounds on social media, the exchange’s Twitter account was attacked. @BitMEXdotcom posted two tweets, although subsequently deleted, that read “Take Your BTC and run. Last day for withdrawals.” and then “Hacked.”

New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.

[10]
[10]