With a leak of at least 23,000 emails, the recent BitMEX email leak was much heavier than expected. An inadvertent message that included lists of emails made the rounds last week, creating a security break for the largest crypto derivatives exchange.
23,000+ Emails Leaked by BitMEX
Details of the BitMEX email leak were shared a few hours ago by well-known industry researcher Larry Cermak in one of his tweets. Using BitMEX is not entirely illegal, though it has been banned for US citizens.
BitMEX’s, perpetual BTC/USDT swap, is the most active contract linked to Bitcoin (BTC) trades. The exchange, however, operates in a legal gray area, and the leaked emails may point to breaks in excluding some regions. Trading on BitMex has also been seen as highly risky, akin to gambling.
UPDATE: I now have access to 23,000 emails that were leaked by BitMEX. Surprisingly, there is only one person that used a .gov email. There were 66 students/alumni that used .edu email. NYU dominates (7 people), followed by Berkley, and University of Michigan. https://t.co/vmcyVz5Uqe
— Larry Cermak 🦁 (@lawmaster) November 2, 2019
The analysis of the leaks suggests most users were not highly aware of both internet and identity security. As much as half the emails may be linked to a name, only based on the actual composition of the address.
Some of the leaked emails were also compromised. This means BitMEX or even unrelated accounts can be at risk for exploitation. Taking over an exchange account could empty balances, or cause rogue trades. So far, none of this has affected the markets, though the attack coincided with a hack of the official BitMEX Twitter handle.