Just when you thought Halloween was over, BitMex has struck fear into its own customers’ hearts after allegedly leaking their email addresses online.



It is only two months since Binance customers’ personal were leaked online, and now BitMex is facing its own data breach.



The difference? Whereas Binance’s leak of customers’ names, addresses, photographs and signatures was allegedly the work of someone who may have previously worked with the exchange, BitMex’s data breach seems to be of its own making.



Clumsy



The breach couldn’t have happened in a more embarrassing way either.



Customers who were sent an update by the exchange, reported being able to see the email addresses of every other BitMex customer in the message’s carbon copy (CC) field.



Source: Sakura Rice Bird, Twitter



Looks like someone at BitMex failed to list customer emails in the blind carbon copy (BCC) field, thereby making everyone’s email addresses visible to everyone else. Oops.



Basic error



The fact that one of the world’ largest crypto exchanges can make such a basic mistake is hugely worrying for its customers.



They now face having to update their passwords on the exchange as well as ensure their two-factor authentication settings are up to date.



BitMex reported that it was investigating the leak.



We are aware of an email privacy issue impacting our customers. We have identified the root cause and will be in touch with any users affected by the issue. See our blog for details: https://t.co/FNp2Fdyxdn — BitMEX (@BitMEXdotcom) November 1, 2019

However, people across the world of crypto and social media are slamming the exchange for – on the face of it – a problem of their own creation.



One Twitter user complained: “How can anyone trust you after this?”.



WTF? How can anyone trust you after this??? — George Agathangelou (@GeorgeTProfit) November 1, 2019

While popular Twitter crypto trader Crypto Birb, said: “great job to say goodbye to every client you have ever had. Solid work team.”



great job to say goodbye to every client you have ever had

Solid work team — The ₿irb Nest (@TheBirbNest) November 1, 2019

Despite Binance suffering its own embarrassing leak a couple of months back, plus a hack in which 7,000 bitcoins belonging to its customers were stolen from its hot wallet, Changpeng Zhao, the Binance CEO was quick to highlight the breach on Twitter.



CZ reminded investors using crypto trading platforms: “Use a unique email address and unique password for each exchange. Use a password manager to remember the strong passwords for you.”



Use a unique email address and unique password for each exchange. Use a password manager to remember the strong passwords for you. https://t.co/hWjDldPRLN — CZ Binance (@cz_binance) November 1, 2019

It is clear – while Halloween might be another 365 days away, the BitMex team is stuck in a nightmare of its own making.

