BTC Markets, one of Australia’s largest cryptocurrency exchanges, has accidentally exposed users’ personal data, increasing the risk of phishing attacks.
As reported Wednesday by Business Insider Australia, the exchange revealed the names and email addresses of over 270,000 users when it sent out mass emails. The error saw names and addresses entered in the “to” section instead of addressing each recipient individually or using a blind carbon copy.
The emails were sent in batches of 1,000 recipients which meant exposure to one bad actor was limited to the data of 999 people per email.
However, “all account holders were affected”. BTC Market Chief Executive Caroline Bowler said a tweet “The email was sent in batches, rather than in bulk.”
Once started, the emails cannot be stopped even after the error is noticed, according to the report.
Although no passwords or financial data were included in the breach, the email addresses can be used for targeted phishing campaigns, as attackers know that those affected have cryptocurrency accounts.
The mistake highlights the risks that centralized exchanges can pose when it comes to user data and privacy.
According to Business Insider, BTC Markets will report the breach to the Office of the Australian Information Commissioner, undertake an internal review and work to increase security.
CoinDesk reached out to BTC Markets for comment but received no response at press time.
[ad_2]Source link