November 6, 2019, | AtoZ Markets – On November 1, AtoZMarkets reported that BitMEX, a cryptocurrency exchange had exposed the email addresses of many customers.
The error occurred when the company mistakenly using the wrong email tool. Instead of using “blind CC”, it used "CC", for multiple emails sent to a large portion of its user base.
23,000+ Users Already Affected By This Debacle
After the BitMEX email data leak, a Twitter user claimed to have found over 200 passwords that matched the compromised emails on a database of stolen information.
So i ran a quick search on the bitmex emails on 1 of my databases and ive gotten quite a few hits( cleartext passwords)
— TheMask (@TheCrypt0Mask) November 1, 2019
Do you guys think i should email the ppl i found passwords for?
Cc: @inversebrah pic.twitter.com/xK682wWOnO
The exact number of affected customers remains unconfirmed. Nevertheless, according to Larry Cermak, director of research for The Block, at least 23,000 individuals had their emails exposed. These individuals are vulnerable to potential hackers looking to utilize their personal information and/or gain access to their digital assets.
UPDATE: I now have access to 23,000 emails that were leaked by BitMEX. Surprisingly, there is only one person that used a .gov email. There were 66 students/alumni that used .edu email. NYU dominates (7 people), followed by Berkley, and University of Michigan. https://t.co/vmcyVz5Uqe
— Larry Cermak (@lawmaster) November 2, 2019
Implications of BitMEX Email Data Breach
Oz Mishli, a cybersecurity specialist has offered some insights on the implications of the BitMEX email data breach on the exchange’s users.
“Email is where a lot of attack vectors begin. From simple phishing to (a) complex drive by exploits downloading malware. So access to a list with a significant number of email addresses of users in a specific exchange is a high quality target for fraudsters.”
Parties exposed in the BitMEX email data breach are likely to be traders or holders of cryptocurrencies. With this BitMEX email data leak, their funds may now be targeted by hackers.
“Hackers now have (an) effective way to precisely reach significant amounts of the exchange customers with highly targeted attacks,” says Mishli.
BitMEX did catch on to the leak in short order and it has taken precautions to prevent customers from being put further at risk. However, the fallout from the attack will be descending for some time.
While it seems that the direct implications of the leak are limited and the issue was identified and stopped by BitMEX, the indirect implications are still ongoing. There’s a high likelihood that the leaked data will be used to carry out targeted attacks on BitMEX’s affected customers, as mentioned above. In fact, in its blog, BitMEX states that it actually happened, and its support team is working very hard to prevent subsequent compromises following this leak.
“Two Main Attack Vectors”
Mishli also sees, “two main attack vectors,” enabled by the leak.
- Fraudsters attempting to access victims’ accounts, mainly by using a compromised password (databases) from past breaches (and relying on password reuse by the victim across different services).”
- Fraudsters initiating a targeted attack like (a) phishing campaign or malware campaign targeting BitMEX specifically.”
Mishli says the attack on customers is likely to come first as it is a lower-level attack that is easier to pull off by less sophisticated attackers. Mishli says it appears that BitMEX is already repelling these.
An attack on BitMEX, on the other hand, is likely to come later as it requires more thorough preparation and stronger skills. In the meantime, BitMEX users have been advised to enable their two-factor authentication (2FA) and also to reset their passwords.
What do you think about the BitMEX email data breach? Share your thoughts in the comments section below!