Australian exchange, BTC Markets, suffered a data leak yesterday, December 1st. The exchange accidentally sent emails with customers’ names and email addresses to the customers themselves.
The emails were supposed to announce the addition of USDT pairs and support for a Spark token airdrop.
Australian digital currency exchange, BTC Markets, recently made an error that could lead to a new wave of phishing attacks. The platform accidentally exposed its users’ names and email addresses in a marketing email, which was then sent to all of the affected customers.
Customer Emails Exposed in a Marketing Campaign
The incident took place yesterday, December 1st, when the platform sent emails in batches. Each group had the details of 1,000 people, meaning that every customer received an email with their own information, as well as that belonging to 999 other individuals.
BTC markets’ CEO, Caroline Bowler, expressed the firm’s heartfelt apologies. Bowler noted that the company’s officials have been putting all their effort into minimizing the consequences of the incident. They are implementing additional security features, so that similar incidents and leaks would not happen in the future.
For now, the exchange is in the process of reporting the situation to the Office of the Australian Information Commissioner. The exchange hopes to seek guidance from the Office, and decide how to move forward.
What can be Done About it?
Unfortunately, there is not much that the exchange can do about the incident that has already happened, apart from giving some advice about how the users might want to proceed.
Bowler, for example, recommended that the customers enable two-factor authentication in order to protect their accounts. In addition to that, they should change their passwords, and make sure that the new password is strong and complex.
She further added that users should expect potential phishing attacks and authorized attempts to access their emails. With scam emails expected, users should make sure that they carefully examine emails, and even email addresses that they receive in the future.
One positive is that users’ personal data regarding the exchange was not exposed, and so their exchange accounts are not in danger. The only thing that was leaked was a combination of full names and emails.
The email itself was meant to promote the issuance of USDT pairs on the platform on December 3rd, as well as support for Flare Networks’ token airdrop on December 12th.