Victor Ugochukwu · Dec 14, 2020 . 5min read
BTC Markets accidental move exposes 270K users’ data to potential threats
BTC Markets, Australia’s cryptocurrency exchange, accidentally exposes users’ names and emails, thus raising the risk of phishing attacks.
By Komal Joshi · Dec 2, 2020 . 6min read
Cryptocurrencies are known to support users with privacy or even comprehensive anonymity. However, not even the greatest creators can ultimately impede human error. Apparently, one of the largest Australian crypto exchanges, BTC Markets, exposes the personal data, including names and email addresses of all its users on draft emails addressed to its consumers.
The exchange claims to have approximately 270,000 crypto traders on-board. Moreover, all of their private data remain exposed. Thus, growing the menace of phishing attacks on personal accounts.
The exchange’s email circulation took place in different lot sizes
In accordance with the BTC Markets, the company utilizes an external email system to communicate updates to its consumers. In the process of communicating mail, the company’s consumers’ names and emails were present in the ‘to’ section of emails, instead of blind carbon copied or marked individually. The emails were group limited to 1000 recipients. Thus, indicating that each individual only obtained an email with the details of over 999 other consumers rather than the complete list.
BTC markets state that their batch transfers happen quickly. Thus, elucidating that once they noticed the error, they were not able to terminate it from the process. The privacy breach endangers the safety of the exchange’s user base. The exchange utilizes a user’s email address as their login. Moreover, anyone with a record of users could utilize that data to conduct phishing attacks.
BTC Markets warns against phishing scams
In a Facebook post, the exchange shared their apologies for the chaos. It also states that disclosure of password data did not take place. As a prudent measure, BTC Markets will notify the incident to the Office of the Australian Information Commissioner. Hence, complying with the social data breach compliance measures.
Caroline Bowler, BTC Markets CEO suggests that BTC Markets consumers should use two-factor authentication to protect their account and to modify the password to their email account. She also advised users to be careful of unauthorized attempts to obtain their email accounts and phishing scams claiming to belong to BTC Markets. Furthermore, she recommends users to double-check that emails coming from the exchange are truly from addresses resulting in “@btcmarkets.net.”
BTC Markets sent out promotional emails to inform about list pairings for USDT from Dec. 3, in extension to maintaining Flare Network’s Spark token airdrop on Dec. 12. Moreover, it will continue with the Tether listing and Spark airdrop, but the paramount focus of the exchange is on handling the data leak.
Follow Cryptodose for more updates.