Australian Cryptocurrency Exchange Reveals Information About 270 Thousand Users
BTC Markets, one of Australia’s largest cryptocurrency exchanges, has inadvertently exposed users ‘ personal data, raising the risk of phishing attacks.
As reported by Business Insider Australia, the exchange uncovered the names and email addresses of more than 270,000 users when sending bulk emails. When users opened the email, they directly encountered a list containing user information.
The emails were sent in groups of 1,000 recipients and the risk of exposure to a bad actor is limited to the data of 999 people per email. According to the report, e-mail sending could not be stopped even after the error was noticed after it was started.
Not including password and financial data
Although no passwords or financial data were included in the breach, the email addresses could be used for targeted phishing campaigns, as attackers know that the affected people have cryptocurrency accounts. The fact that such a mistake came out of a cryptocurrency exchange is described as a major scandal.
According to Business Insider, BTC Markets will report the breach to the Australian Information Commissioner’s office, conduct an internal review and work to improve its security.
In a statement on Twitter, the firm apologised and said::
“Earlier today, an announcement from BTC Markets revealed customer names and email addresses. This is a very sad situation and we sincerely apologize for this. We will self-report to the Australian Information Commissioner’s office and fully comply with data breach reporting requirements. In addition, there will be an internal review and additional rigour in data security and training.”