Security Alert: BitMEX Doxxes About 30,000 Users in Mass Email, Watch For Phishing Attempts – UPDATE


  • Derivative exchange BitMEX leaks the data of thousands of its users
  • Change your email address, enable 2FA
  • This Halloween has been scary for the cryptocurrency community this time.

First, derivatives cryptocurrency platform Deribit liquidated all the positions due to a glitch in one of the exchanges (Coinbase) used for its Bitcoin Index that cost the company 150 BTC (approximately $1.3 million).

Now, another crypto derivatives platform BitMEX has doxxed its users in what Jake Chervinky, General Counsel at Compound Finance calls “the most outrageously incompetent way imaginable.”

In its official statement released on Nov 1, the exchange acknowledges that some of its users have received a general user update email that contained the email address of other users as well.

“Our team have acted immediately to contain the issue and we are taking steps to understand the extent of the impact. Rest assured that we are doing everything we can to identify the root cause of the fault and we will be in touch with any users affected by the issue,”

The mistake has been a stupid one. Instead of using the BCC (blind carbon copy), the person who must be an employee of the exchange CC'd the email to the users.

Chervinky stated,

“This kind of thing is a *massive* privacy breach with potentially serious consequences — the last thing a derivatives exchange needs to deal with during a CFTC investigation. This can't possibly be intentional.”

Now, all BitMEX users are recommended to change their email address and take extra precaution by enabling 2FA for their email service.

https://twitter.com/CryptoDonAlt/status/1190182350862397440

Cryptocurrency exchange OKEx also recommended the affected users to change their email addresses if they use the same login on OKEx.

This isn't the first time something like this has happened. A few months ago, the leading cryptocurrency exchange Binance revealed that some of know-your-customer (KYC) documents of its users, stored with a third party, were stolen and made public. The exchange offered a reward of 300 BTC for information on the hacker.

BitMEX Email Blunder – UPDATE

Email Leak Update: After the email mishap, trader and crypto enthusiast @TheCrypt0Mask ran a search on the leaked BitMEX emails that got him a hit on 229 ones while others have already started exploiting this mishap to shill reference links.

Meanwhile, Bitmexdatabaseleak, who joined Twitter on Nov. 1 just to announce “Whose account do we leak next?” is claiming to be behind this blunder.

There is no clarification of the account behind this but he/she/they have been trying to convince with tweets like:

https://twitter.com/Bitmexdatabase1/status/1190213164698230784

https://twitter.com/Bitmexdatabase1/status/1190229852026073090

However, the leak reportedly has been an accident that used carbon copy instead of blind carbon copy.

BitMEX Twitter Hack/Troll: On another note, according to the screenshots shared on Twitter, BitMEX might have lost control of its Twitter account as well.

These tweets other users claim to have been deleted shortly after so there is no evidence of the same on BitMEX’s official account.

BitMEX however, took to Twitter to reassure its users stating, “while the trolls may target our Twitter account, you may rest assured that all funds are safe.”

Withdrawal Disabled Update: Bitcoin investor and crypto trader Alistair Milne took to Twitter to share that amidst the ongoing chaos withdrawals on the derivative exchange has been disabled.

We will keep you updated as the story develops.

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide