It’s been a bad start to the month for one exchange.
BTC Markets, which is based in Australia, has inadvertently revealed the names and email addresses of its users after a market campaign went awry.
The exchange was announcing that it had listed the Tether stablecoin in an email to customers. Normally, these emails are addressed directly to one user — but those who received this message could also see the contact details of 999 others.
It appears that this error was replicated dozens of times, with BTC Markets customers being included in different batches of 1,000 addresses.
On Twitter, the exchange wrote:
The company also stressed that its platform remains secure and unaffected by the blunder — stressing that password information was not compromised either. It is now urging customers to activate two-factor authentication. Explaining what caused the data breach, the exchange added:
“BTC Markets uses an external system to send client-wide emails. We have used this system without incident for a number of years. Our usual process is to also send test emails. However, today our testing didn’t pick up that the sample email addresses in the batch were added to the same email, rather than sent individually. In this case, the batch sizes were under 1,000 email addresses.”
BTC Markets added that it will now report itself to the Office of Australian Information Commissioner — vowing to “fully comply with the data breach reporting requirements.” An internal review will also take place, and there will be “additional rigour placed around data security and training.”
Affected users didn’t react kindly to the announcement:
Read more on CoinMarketCap Alexandria
CoinMarketCap’s education portal has plenty of top tips for keeping for crypto safe — check out how you can protect yourself against common scams here.
All the crypto news… straight to your inbox!
We’re bringing you top stories every day on the CoinMarketCap blog. But if you prefer, we can come to you… direct to your inbox. Subscribe to our newsletter here!