The Australian cryptocurrency exchange, BTC Markets, has inadvertently exposed more than 270,000 emails of its customers. The company apologized for the inconvenience and reassured that all other data, including users’ funds, is safe.
BTC Markets Exposes Customers’ Emails
A user going by the Twitter handle Stevosxrp.crypto took it to Jack Dorsey’s social media giant and Reddit to first complain about BTC Markets’ screw up. The Australian-based exchange later confirmed the breach on its official Twitter account.
Earlier today, an announcement from BTC Markets exposed client names and email addresses. This is a deeply regrettable situation and we apologise wholeheartedly for it.
— BTC Markets (@BTCMarkets) December 1, 2020
The statement explained that BTC Markets “uses an external system to send client-wide emails.” Although the exchange has used this service for years “without an incident,” including sending test mails, this time, the testing “didn’t pick up that the sample email addresses in the batch were added to the same email, rather than sent individually.”
Consequently, the names and email addresses of account holders were exposed. BTC Markets claimed that this process was instant; therefore, “it was not possible to stop the batch send once the error was realized.”
The CEO of BTC Markets, Caroline Bowler, later revealed that all account holders were affected because the emails were sent in batches.
Funds Are SAFU, But The Damage Is Done
The exchange said that it will “self-report” to the Office of Australian Information Commissioner and “fully comply with the data breach reporting requirements.” Furthermore, the company plans to conduct an internal review.
Despite the data leak, BTC Markets reassured its users that the platform is still secure, no passwords were revealed, and all customers’ funds are safe.
Nevertheless, the exchange suggested that users’ should enable two-factor authentication (2FA) to enhance the security of their accounts.
None of those reassurances seemed to have an effect on the users, though. The Twitter thread explanation was met with numerous complaints from customers.
While most highlighted their disappointment with having their personal emails and names revealed, some took it a step further. One user claimed that the BTC Markets’ name is “now as good as dog s**t.”