In the aftermath of BitMEX’s accidental data leak, the largest crypto exchange in terms of trade volume released an official statement confirming that its core systems remain safe and intact. As emphasized, no other crucial information except some of its users’ email addresses has been shared in what appeared to be an unfortunate misstep.
The first reports about the data leak were published on November 1. Immediately, BitMEX reached out to its customers and apologized, guaranteeing that there’s nothing to worry about as no personal information had been disclosed.
The official statement was authored by Vivien Khoo, the COO of BitMEX. After conducting an investigation, she confirmed that the email leak was caused by a failure in the firm’s internal bulk email service.
Khoo also explained that BitMEX sends bulk emails to its clients only when it’s extremely necessary and that the last event took place in 2017. Notably, the content of the email is all about the crypto exchange’s indices update. This kind of information, as stressed by BitMEX, must be disclosed to users since it would significantly impact the firm’s product pricing.
BitMEX also shared that using the internal bulk email service was just a contingency plan; however, the delivery of emails would take more or less ten hours, and the firm thought it was not fast enough. With a desire to send the information to the users in a timelier manner, the crypto exchange decided to use the bulk email service.
The crypto exchange also clarified that upon the discovery of the leak, they immediately initiated pre-emptive measures to stop the remaining emails from being sent. Part of the damage control was to force users to reset their passwords, particularly those with balances, as well as the users that lack the two-factor authentication.
In the official statement, BitMEX also clarified that the email leak and the Twitter incident were not related. Notably, hackers attempted to take over the exchange’s official Twitter account right after the news about the email leak broke out. However, BitMEX said that it only took them six minutes to gain back control of the account.